Post #8711

⚠️ A zero-day in TrueConf let attackers spread malware through its own update system. CVE-2026-3502 (CVSS 7.8) was exploited by compromising on-prem servers, pushing tampered updates to all connected clients in government networks across Southeast Asia. 🔗 How the TrueChaos campaign weaponized software updates → https://thehackernews.com/2026/03/trueconf-zero-day-exploited-in-attacks.html