TrueConf Zero-Day Used to Distribute Malicious Updates
⚠ A high-severity update integrity flaw in TrueConf client (CVE-2026-3502, CVSS 7.8) has been exploited in the wild as part of the TrueChaos campaign. An attacker who controls an on‑premises TrueConf server can substitute legitimate update packages with poisoned installers that lead to arbitrary code execution via DLL side‑loading. Check Point observed the operation targeting government entities in Southeast Asia and linking activity to a Chinese‑nexus actor. Vendor patches are available in TrueConf Windows client 8.5.3 and organizations should apply them and verify update integrity.
