Kaspersky security researchers discovered a new threat actor dubbed PuzzleMaker, who has used a chain of Google Chrome and Windows 10 zero-day exploits in highly-targeted attacks against multiple companies worldwide. The attacks took place in two separate campaigns, in February and October 2020, with at least a dozen websites hosting two exploit servers, each of them targeting iOS and Windows or Android users. The attackers abused the Windows Notification Facility with the CVE-2021-31956 vulnerability to execute malware modules with system privileges on compromised Windows 10 systems.
Source: https://www.bleepingcomputer.com/news/security/windows-10-targeted-by-puzzlemaker-hackers-using-chrome-zero-days/