Chinese Hackers Exploit Microsoft Office Latest Zero-Day CVE-2022-30190
Chinese Hackers Exploit Microsoft Office Latest Zero-Day CVE-2022-30190
Proofpoint has identified a Chinese state-linked threat group, TA413 to be actively exploiting Microsoft Office's latest zero-day, CVE-2022-30190. The observed attack was targeting the international Tibetan community and was delivered in a compressed zip archive. As tweeted by ProofPoint, "TA413 CN APT spotted ITW exploiting the #Follina #0Day using URLs to deliver Zip Archives which contain Word Documents that use the technique. Campaigns impersonate the "Women Empowerments Desk" of the Central Tibetan Administration and use the domain tibet-gov.web[.]app."