from Hotznplotzn@lemmy.sdf.org to cybersecurity@infosec.pub on 03 Nov 06:12
https://lemmy.sdf.org/post/45081108
cross-posted from: lemmy.sdf.org/post/45081057
Oct 31, 2025Ravie LakshmananMalware / Threat Intelligence
A China-affiliated threat actor known as UNC6384 has been linked to a fresh set of attacks exploiting an unpatched Windows shortcut vulnerability to target European diplomatic and government entities between September and October 2025.
The activity targeted diplomatic organizations in Hungary, Belgium, Italy, and the Netherlands, as well as government agencies in Serbia, Arctic Wolf said in a technical report published Thursday.
“The attack chain begins with spear-phishing emails containing an embedded URL that is the first of several stages that lead to the delivery of malicious LNK files themed around European Commission meetings, NATO-related workshops, and multilateral diplomatic coordination events,” the cybersecurity company said.
[…]
threaded - newest