“We believe that cyber-operators working under the control of Chinese intelligence learned about the Microsoft vulnerability in early January, and were racing to exploit the vulnerability before [it] was widely identified in the public domain,” a security source told the BBC.

https://www.bbc.co.uk/news/world-asia-china-57889981