Photo by Amelia Holowaty Krales / The Verge
A newly discovered vulnerability in Microsoft Office is already being exploited by hackers linked to the Chinese government, according to threat analysis research from security firm Proofpoint.
Details shared by Proofpoint on Twitter suggest that a hacking group labeled TA413 was using the vulnerability (named “Follina” by researchers) in malicious Word documents purported to be sent from the Central Tibetan Administration, the Tibetan government in exile based in Dharamsala, India. The TA413 group is an APT, or “advanced persistent threat,” actor believed to be linked to the Chinese government and has previously been observed targeting the Tibetan exile community.
In general, Chinese hackers have a history of using software security…