The recently patched "Windows MSHTML spoofing vulnerability" (CVE-2024-43461) has been reclassified as previously exploited by the Void Banshee APT group.
Initially disclosed during September 2024 Patch Tuesday, Microsoft updated its advisory on Friday to acknowledge prior exploitation of the vulnerability.
Discovered by Peter Girnus of Trend Micro's Zero Day team, the flaw facilitated zero-day attacks by Void Banshee for deploying information-stealing malware. Void Banshee, identified by Trend Micro, targets organizations across North America, Europe, and Southeast Asia, primarily for data theft and financial motives.
Read more...