TrueConf Zero-Day Exploited in Targeted Government Attacks

📰 Dev.to · BeyondMachines

China-nexus attackers exploited a zero-day vulnerability (CVE-2026-3502) in TrueConf's update mechanism to deploy the Havoc C2 framework across Southeast Asian government networks. The flaw allows attackers who compromise an on-premises server to push malicious updates to all connected clients witho

Published 2 Apr 2026
Read full article → ← Back to Reads