https://arstechnica.com/gadgets/2021/03/microsoft-patches-critical-0day-that-north-korea-used-to-target-researchers/

Microsoft has patched a critical zero-day vulnerability that North Korean hackers were using to target security researchers with malware.

The in-the-wild attacks came to light in January in posts from Google and Microsoft. Hackers backed by the North Korean government, both posts said, spent weeks developing working relationships with security researchers. To win the researchers' trust, the hackers created a research blog and Twitter personas who contacted researchers to ask if they wanted to collaborate on a project.