Secureworks report highlights that the Chinese government mandates security researchers to report discovered vulnerabilities to state authorities, giving Chinese threat actors an advantage in accessing and exploiting zero-day vulnerabilities. For example, a recent Microsoft August 2024 Patch Tuesday included a critical zero-click, wormable Windows vulnerability (CVE-2024-38063), illustrating the serious nature of such exploits. This policy accelerates the use of zero-days by Chinese groups, enabling them to exploit these flaws ahead of public or vendor patching efforts, posing significant global cybersecurity risks.

Join for free to read