An Israel-based company called Candiru used two zero-day Windows flaws to hack journalists, academics, and activists. Candiru was also formally identified as the commercial surveillance company that Google’s Threat Analysis Group revealed as exploiting multiple vulnerabilities in the Chrome browser to target victims located in Armenia. Microsoft addressed both privilege escalation flaws, which enable an adversary to escape browser sandboxes and gain kernel code execution, on July 13. The intrusions culminated in the deployment of DevilsTongue, a modular C/C++-based backdoor equipped with a number of capabilities.
Source: https://thehackernews.com/2021/07/israeli-firm-helped-governments-target.html

