The Windows MSHTML platform spoofing vulnerability, CVE-2024-43461, which affects all supported Windows versions, has been exploited in the wild.
CVE-2024-43461 was used in attacks by the Void Banshee APT hacking group. Research from Trend Micro claims that Void Banshee lures people by disseminating harmful files disguised as book PDFs through zip archives.
https://cybersecuritynews.com/windows-m ... y-exploit/