Stealth Falcon APT Exploits Microsoft RCE Zero-Day

Nation-state adversaries are exploiting a zero-day vulnerability in Microsoft’s Web Distributed Authoring and Versioning (WEBDAV) protocol, allowing remote code execution on target systems. The Stealth Falcon APT group is using this vulnerability to compromise high-profile defense entities in the Middle East, delivering a custom backdoor implant called Horus Agent. Microsoft has patched this vulnerability along with 65 others in its June Patch Tuesday release, emphasizing the importance of prompt patching for all affected systems.