TrueConf Zero-Day Exploited in Attacks on Southeast Asian Government Networks

6 days ago [email protected] (The Hacker News)
TrueConf Zero-Day Exploited in Attacks on Southeast Asian Government Networks


A high-severity security flaw in the TrueConf client video conferencing software has been exploited in the wild as a zero-day as part of a campaign targeting government entities in Southeast Asia dubbed TrueChaos.
The vulnerability in question is CVE-2026-3502 (CVSS score: 7.8), a lack of integrity check when fetching application update code, allowing an attacker to distribute a tampered update,

The post “TrueConf Zero-Day Exploited in Attacks on Southeast Asian Government Networks” appeared first on The Hacker News

Source:The Hacker News – [email protected] (The Hacker News)

Tags: , , ,

More Stories

$285 Million Drift Hack Traced to Six-Month DPRK Social Engineering Operation

14 hours ago [email protected] (The Hacker News)

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants

1 day ago [email protected] (The Hacker News)

Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS

1 day ago [email protected] (The Hacker News)

China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing

3 days ago [email protected] (The Hacker News)

Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers

3 days ago [email protected] (The Hacker News)

UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack

3 days ago [email protected] (The Hacker News)