TrueConf Zero-Day Exploited in Attacks on Southeast Asian Government Networks

A high-severity security flaw in the TrueConf client video conferencing software has been exploited in the wild as a zero-day as part of a campaign targeting government entities in Southeast Asia dubbed TrueChaos.
The vulnerability in question is CVE-2026-3502 (CVSS score: 7.8), a lack of integrity check when fetching application update code, allowing an attacker to distribute a tampered update,

Source

What's Hot

WhatsApp Alerts 200 Users After Fake iOS App Installed Spyware; Italian Firm Faces Action

Apple Expands iOS 18.7.7 Update to More Devices to Block DarkSword Exploit

CERT-UA Impersonation Campaign Spread AGEWHEEZE Malware to 1 Million Emails

WhatsApp Alerts 200 Users After Fake iOS App Installed Spyware; Italian Firm Faces Action

Apple Expands iOS 18.7.7 Update to More Devices to Block DarkSword Exploit

CERT-UA Impersonation Campaign Spread AGEWHEEZE Malware to 1 Million Emails

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

macOS Stealer Campaign Uses “Cracked” App Lures to Bypass Apple Securi

Why SOC Burnout Can Be Avoided: Practical Steps

Cyber M&A Roundup: Cyber Giants Strengthen AI Security Offerings

Why the Identity Security Fabric is Essential for Securing AI and Non-Human Identities

Most Popular

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

macOS Stealer Campaign Uses “Cracked” App Lures to Bypass Apple Securi

Why SOC Burnout Can Be Avoided: Practical Steps

Our Picks

The hidden risks of browser extensions – and how to avoid them

How it preys on personal data – and how to stay safe

Beware of threats lurking in booby-trapped PDF files

Subscribe to Updates

What's Hot

TrueConf Zero-Day Exploited in Attacks on Southeast Asian Government Networks

Related Posts

Subscribe to Updates