Security News > 2024 > August > APT-C-60 Group Exploit WPS Office Flaw to Deploy SpyGlace Backdoor
2024-08-28 13:48
A South Korea-aligned cyber espionage has been linked to the zero-day exploitation of a now-patched critical remote code execution flaw in Kingsoft WPS Office to deploy a bespoke backdoor dubbed SpyGlace. The activity has been attributed to a threat actor dubbed APT-C-60, according to cybersecurity firms ESET and DBAPPSecurity. The attacks have been found to infect Chinese and East Asian users
News URL
https://thehackernews.com/2024/08/apt-c-60-group-exploit-wps-office-flaw.html
Related news
- China-Linked APTs Exploit SAP CVE-2025-31324 to Breach 581 Critical Systems Worldwide (source)
- ⚡ Weekly Recap: Zero-Day Exploits, Insider Threats, APT Targeting, Botnets and More (source)
- South Asian Ministries Hit by SideWinder APT Using Old Office Flaws and Custom Malware (source)
- ⚡ Weekly Recap: APT Intrusions, AI Malware, Zero-Click Exploits, Browser Hijacks and More (source)