Based on TWCERT/CC’s note that admin privileges are required for exploitation, the flaw has likely been chained with a different vulnerability.There appears to be no public information on attacks involving CVE-2024-7694, but the fact that the affected product comes from a Taiwanese cybersecurity firm and serves government clients naturally raises the possibility of involvement byChina-linked threat actors, although this remains entirely speculative without supporting evidence.SecurityWeekhas reached out to both TeamT5 and TWCERT/CC for comment on the attacks and will update this article if they respond. However, the responses may be delayed due to the Lunar New Year in Taiwan.Related:Dell RecoverPoint Zero-Day Exploited by Chinese Cyberespionage GroupRelated:Singapore: Rootkits, Zero-Day Used in Chinese Attack on Major Telecom FirmsRelated:China Revives Tianfu Cup Hacking Contest Under Increased SecrecyRelated:Web Hosting Firms in Taiwan Attacked by Chinese APT for Access to High-Value Targets

There appears to be no public information on attacks involving CVE-2024-7694, but the fact that the affected product comes from a Taiwanese cybersecurity firm and serves government clients naturally raises the possibility of involvement byChina-linked threat actors, although this remains entirely speculative without supporting evidence.SecurityWeekhas reached out to both TeamT5 and TWCERT/CC for comment on the attacks and will update this article if they respond. However, the responses may be delayed due to the Lunar New Year in Taiwan.Related:Dell RecoverPoint Zero-Day Exploited by Chinese Cyberespionage GroupRelated:Singapore: Rootkits, Zero-Day Used in Chinese Attack on Major Telecom FirmsRelated:China Revives Tianfu Cup Hacking Contest Under Increased SecrecyRelated:Web Hosting Firms in Taiwan Attacked by Chinese APT for Access to High-Value Targets

SecurityWeekhas reached out to both TeamT5 and TWCERT/CC for comment on the attacks and will update this article if they respond. However, the responses may be delayed due to the Lunar New Year in Taiwan.Related:Dell RecoverPoint Zero-Day Exploited by Chinese Cyberespionage GroupRelated:Singapore: Rootkits, Zero-Day Used in Chinese Attack on Major Telecom FirmsRelated:China Revives Tianfu Cup Hacking Contest Under Increased SecrecyRelated:Web Hosting Firms in Taiwan Attacked by Chinese APT for Access to High-Value Targets

Related:Dell RecoverPoint Zero-Day Exploited by Chinese Cyberespionage GroupRelated:Singapore: Rootkits, Zero-Day Used in Chinese Attack on Major Telecom FirmsRelated:China Revives Tianfu Cup Hacking Contest Under Increased SecrecyRelated:Web Hosting Firms in Taiwan Attacked by Chinese APT for Access to High-Value Targets

Related:Singapore: Rootkits, Zero-Day Used in Chinese Attack on Major Telecom FirmsRelated:China Revives Tianfu Cup Hacking Contest Under Increased SecrecyRelated:Web Hosting Firms in Taiwan Attacked by Chinese APT for Access to High-Value Targets

Related:China Revives Tianfu Cup Hacking Contest Under Increased SecrecyRelated:Web Hosting Firms in Taiwan Attacked by Chinese APT for Access to High-Value Targets

Related:Web Hosting Firms in Taiwan Attacked by Chinese APT for Access to High-Value Targets

Eduard Kovacs (@EduardKovacs) is the managing editor at SecurityWeek. He worked as a high school IT teacher before starting a career in journalism in 2011. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Attendees will walk away with guidance for how to build robust identity defenses, unify them under a consistent security model, and ensure business operations move quickly without compromise.

SecurityWeek’s 2026 Ransomware Summit will discuss a roadmap for defending the enterprise, from mitigating root causes to mastering recovery, giving security teams the critical insights needed to navigate and neutralize today’s ransomware extortion threats.

Source: SecurityWeek