Advertisement · 728 × 90
#
Hashtag
#TrueConf
Advertisement · 728 × 90
Cybersecurity News Everyday
Cybersecurity News Everyday
@hendryadrian.bsky.social
12 hours ago
Preview
TrueConf Zero-Day Exploited in Asian Government Attacks A Chinese threat actor exploited a zero-day in TrueConf's update mechanism (CVE-2026-3502) to distribute a malicious update from a compromised on-premises server in attacks against government entities in Asia. The trojanized installer used DLL sideloading to deploy an implant for reconnaissance, persistence and C2 communications, and TrueConf released version 8.5.3 while...

A Chinese threat actor exploited CVE-2026-3502 in TrueConf’s update mechanism, distributing a malicious DLL-sideloaded update from a compromised server targeting Asian government entities. #TrueConf #DLLSideloading #China

0 0 0 0
Cybersecurity News Everyday
Cybersecurity News Everyday
@hendryadrian.bsky.social
13 hours ago
Preview
CISA gives agencies two weeks to patch video conferencing bug exploited by Chinese hackers A high-severity bug (CVE-2026-3502) in the TrueConf video conferencing tool is being actively exploited, prompting CISA to order federal agencies to patch within two weeks. Check Point links the campaign, called TrueChaos, to Chinese actors using Havoc and ShadowPad who pushed weaponized updates through compromised on-premises TrueConf servers. #TrueConf #CVE-2026-3502...

CISA mandates federal agencies to patch high-severity TrueConf bug CVE-2026-3502 by April 16. TrueChaos campaign linked to Chinese hackers exploits video conferencing updates via compromised servers. #TrueConf #China #SoutheastAsia

0 0 0 0
2rZiKKbOU3nTafniR2qMMSE0gwZ
2rZiKKbOU3nTafniR2qMMSE0gwZ
@2rzikkbou3ntafnir2qmmse0gwz.activitypub.awakari.com.ap.brid.gy
2 days ago
Original post on securityweek.com

TrueConf Zero-Day Exploited in Asian Government Attacks A Chinese threat actor exploited the video conferencing platform to perform reconnaissance, escalate privileges, and execute additional paylo...

#Vulnerabilities #Asia #China #exploited #Government […]

[Original post on securityweek.com]

0 0 0 0
The New Oil
The New Oil
@thenewoil.org
3 days ago
Preview
Hackers exploit TrueConf zero-day to push malicious software updates Hackers have targeted TrueConf conference servers in attacks that exploit a zero-day vulnerability, allowing them to execute arbitrary files on all connected endpoints. [...]

Hackers exploit #TrueConf zero-day to push malicious software updates

www.bleepingcomputer.com/news/security/hackers-ex...

#malware #cybersecurity

0 0 0 0
Cybersecurity News Everyday
Cybersecurity News Everyday
@hendryadrian.bsky.social
3 days ago
Preview
Hackers exploit TrueConf zero-day to push malicious software updates Attackers exploited a zero-day in TrueConf's update mechanism (CVE-2026-3502) to replace legitimate updates with malicious executables and distribute them to all connected endpoints. Check Point links the TrueChaos campaign to Chinese-nexus activity and observed DLL sideloading, UAC bypass, reconnaissance, and likely use of the Havoc C2; TrueConf versions 8.1.0–8.5.2 were patched in 8.5.3 (March 2026). #TrueConf #Havoc

Hackers exploited a zero-day flaw (CVE-2026-3502) in TrueConf’s update mechanism to push malicious software via fake updates in the TrueChaos campaign linked to China. TrueConf patched versions 8.1.0–8.5.2 in 8.5.3. #TrueConf #China

0 0 0 0
The Daily Tech Feed
The Daily Tech Feed
@thedailytechfeed.com
4 days ago

Critical zero-day vulnerability in TrueConf software exploited in the wild. Update immediately to protect your systems. #CyberSecurity #ZeroDay #TrueConf Link: thedailytechfeed.com/trueconf-zer...

0 0 0 0
CyberTaters
CyberTaters
@potato.software
4 days ago

Critical zero-day vulnerability in TrueConf software exploited in the wild. Update immediately to protect your systems. #PotatoSecurity #ZeroDay #TrueConf Link: thedailytechfeed.com/trueconf-zer...

0 0 0 0
Ralf Ladner
Ralf Ladner
@ralf-ladner.bsky.social
4 days ago
Post image

Zero-Day-Schwachstelle in abgehärteten Videokonferenz-Tool Trueconf

@CheckPointSW #Cybersecurity #Cybersicherheit #Cyberspionage #Malware #Schwachstelle #TrueConf #Videokonferenz #ZeroDay #ZeroTrust

netzpalaver.de/2026/...

0 0 0 0
Cybersecurity News Everyday
Cybersecurity News Everyday
@hendryadrian.bsky.social
4 days ago
Preview
Operation TrueChaos: 0-Day Exploitation Against Southeast Asian Government Targets Check Point Research discovered a zero-day in the TrueConf client (CVE-2026-3502, CVSS 7.8) that allows an attacker controlling an on‑premises TrueConf server to distribute and execute arbitrary files to connected endpoints via the product's update mechanism. The flaw was abused in a targeted campaign dubbed "TrueChaos" to deploy the Havoc payload against government entities in Southeast Asia. #TrueConf #Havoc

Check Point Research uncovered CVE-2026-3502 in TrueConf allowing malicious updates via compromised servers. Exploited in “TrueChaos” to deploy Havoc payload targeting Southeast Asian government systems. #TrueConf #Vietnam #ZeroDay

0 0 0 0
iT4iNT SERVER
iT4iNT SERVER
@it4intserver.bsky.social
5 days ago
Preview
TrueConf Zero-Day Exploited in Attacks on Southeast Asian Government Networks A high-severity security flaw in the TrueConf client video conferencing software has been exploited in the wild as a zero-day as part of a campaign targeting government entities in Southeast Asia dubbed TrueChaos. The vulnerability in question is CVE-2026-3502 (CVSS score: 7.8), a lack of integrity check when fetching application update code, allowing an attacker to distribute a tampered update,

iT4iNT SERVER TrueConf Zero-Day Exploited in Attacks on Southeast Asian Government Networks VDS VPS Cloud #CyberSecurity #ZeroDay #TrueConf #Vulnerability #CVE2026

0 0 0 0