A targeted attack against pro-Tibetan supporters has been discovered that installs the ExileRat remote access remote access through malicious attachments. Once infected, the RAT will allow attackers to retrieve information, execute commands, and steal data from the infected computers. The CTA is an organization that is considered to the Tibetan government in exile and this mailing list is used by the organization to communicate with their supporters. While a state-sponsored attack from China could be a reasonable guess, there is no known evidence that this is the case at this point.
Source: https://www.bleepingcomputer.com/news/security/exilerat-targeting-tibetan-supporters-via-malicious-powerpoint-docs/