Bad actors used a Windows zero-day in financial attacks (Pierluigi Paganini, Security Affairs)

In March 2016 experts from FireEye spotted a malicious campaign conducted by a financially motivated threat actor that leveraged on a zero-day exploit

http://securityaffairs.co/wordpress/47196/cyber-crime/zero-day-punchbuggy.html