WPS Office Vulnerability Allows Arbitrary Code Execution

APT-C-60, a South Korea-aligned cyberespionage group, exploited a code execution vulnerability (CVE-2024-7262) in WPS Office for Windows to target East Asian countries.  Upon analyzing the root cause, researchers discovered an alternative way to exploit the faulty code (CVE-2024-7263), which allowed attackers to execute arbitrary code on a vulnerable system, enabling them to compromise sensitive data … Continue reading WPS Office Vulnerability Allows Arbitrary Code Execution