APT28 Uses Microsoft Office CVE-2026-21509 in Espionage-Focused Malware Attacks

Published: 5 days ago (February 3, 2026 at 04:12 AM EST)

1 min read

Source: The Hacker News

The Russia-linked state-sponsored threat actor known as APT28 (aka UAC-0001) has been attributed to attacks exploiting a newly disclosed security flaw in Microsoft Office as part of a campaign codenamed Operation Neusploit. Zscaler ThreatLabz said it observed the hacking group weaponizing the shortc…

Back to Blog

After Six Years, Two Pentesters Arrested in Iowa Receive $600,000 Settlement

Incident overview 'They were crouched down like turkeys peeking over the balcony,' the county sheriff told Ars Technica.^1 A half hour past midnight on Septemb...

Cyber-Espionage Group Breached Systems in 37 Nations, Security Researchers Say

Overview An Asian cyber‑espionage group has spent the past year breaking into computer systems belonging to governments and critical‑infrastructure organizatio...

OpenClaw Integrates VirusTotal Scanning to Detect Malicious ClawHub Skills

Ravie Lakshmanan Feb 08, 2026 Artificial Intelligence / Vulnerability !Malicious ClawHub Skillshttps://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjFUWaE...

Substack confirms data breach affects users’ email addresses and phone numbers

Breach details Substack confirmed that an “unauthorized third party” accessed user data in October. The compromised information includes email addresses, phone...

Related posts

After Six Years, Two Pentesters Arrested in Iowa Receive $600,000 Settlement

Cyber-Espionage Group Breached Systems in 37 Nations, Security Researchers Say

OpenClaw Integrates VirusTotal Scanning to Detect Malicious ClawHub Skills

Substack confirms data breach affects users’ email addresses and phone numbers