Chinese state-sponsored threat actors have been abusing a Windows zero-day vulnerability to target diplomats across the European continent, security researchers are warning.