Tag: office
-
Fancy Bear Returns: APT28 Exploits Office Flaw in >>Operation Neusploit<<
The post Fancy Bear Returns: APT28 Exploits Office Flaw in >>Operation Neusploit<< appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/fancy-bear-returns-apt28-exploits-office-flaw-in-operation-neusploit/
-
Russian hackers exploit recently patched Microsoft Office bug in attacks
Ukraine’s Computer Emergency Response Team (CERT) says that Russian hackers are exploiting CVE-2026-21509, a recently patched vulnerability in multiple versions of Microsoft Office. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/russian-hackers-exploit-recently-patched-microsoft-office-bug-in-attacks/
-
Zero-Day in Microsoft Office Enables Stealthy Malware Infections
Tags: cve, cyber, exploit, government, infection, infrastructure, malicious, malware, microsoft, office, vulnerability, zero-dayMicrosoft disclosed a critical zero-day vulnerability in Office products on January 26, 2026, tracked as CVE-2026-21509, with active exploitation in the wild confirmed. The vulnerability enables attackers to deploy sophisticated malware through malicious document files, targeting government organizations and critical infrastructure. Indicator Type Value CVE CVE-2026-21509 Malicious Domains freefoodaid[.]com, wellnesscaremed[.]com, wellnessmedcare[.]org C2 Infrastructure *.filen.net, *.filen.io…
-
Russia-linked APT28 attackers already abusing new Microsoft Office zero-day
Ukraine’s CERT says the bug went from disclosure to active exploitation in days First seen on theregister.com Jump to article: www.theregister.com/2026/02/02/russialinked_apt28_microsoft_office_bug/
-
âš¡ Weekly Recap: Proxy Botnet, Office Zero-Day, MongoDB Ransoms, AI Hijacks & New Threats
Every week brings new discoveries, attacks, and defenses that shape the state of cybersecurity. Some threats are stopped quickly, while others go unseen until they cause real damage.Sometimes a single update, exploit, or mistake changes how we think about risk and protection. Every incident shows how defenders adapt, and how fast attackers try to stay…
-
Fancy Bear Exploits Microsoft Office Flaw in Ukraine, EU Cyber-Attacks
Russia-linked hacking group Fancy Bear is exploiting a brand-new vulnerability in Microsoft Office, CERT-UA says First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/fancy-bear-exploits-office-flaw/
-
Week in review: Microsoft fixes exploited Office zero-day, Fortinet patches FortiCloud SSO flaw
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: When open science meets real-world cybersecurity In this Help Net Security … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/01/week-in-review-microsoft-fixes-exploited-office-zero-day-fortinet-patches-forticloud-sso-flaw/
-
Home Office announces sweeping police technology plans
The Home Office plans to ramp up its deployment of artificial intelligence and facial-recognition technologies under wide-ranging reforms to UK policing First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366638196/Home-Office-announces-sweeping-police-technology-plans
-
Home Office announces sweeping police technology plans
The Home Office plans to ramp up its deployment of artificial intelligence and facial-recognition technologies under wide-ranging reforms to UK policing First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366638196/Home-Office-announces-sweeping-police-technology-plans
-
Cyberattack on large Russian bread factory disrupts supply deliveries
The Vladimir Bread Factory, one of the largest bakery producers in its region, said in a statement that its internal digital systems were hit overnight on Sunday, knocking out office computers, servers and electronic document management tools. First seen on therecord.media Jump to article: therecord.media/cyberattack-russian-bread-factory-supply-disruptions
-
Microsoft releases update to address zero-day vulnerability in Microsoft Office
Microsoft has published three out-of-band (OOB) updates so far in January 2026. One of these updates was released to address a vulnerability, CVE-2026-21509, affecting Microsoft Office that has been reportedly exploited in the wild. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/microsoft-oob-update-january-2026/
-
CISA chief uploaded sensitive government files to public ChatGPT
Tags: access, chatgpt, cisa, compliance, control, cybersecurity, government, infrastructure, office, toolLeadership credibility questioned: The uploads triggered an internal DHS assessment involving the department’s then-acting general counsel Joseph Mazzara and chief information officer Antoine McCord, along with CISA’s chief information officer Robert Costello and chief counsel Spencer Fisher, the report said. The outcome has not been disclosed.According to the report, CISA spokesperson Marci McCarthy confirmed that…
-
CVE-2026-21509 – Microsoft schließt Zero Days in Office im Eiltempo
First seen on security-insider.de Jump to article: www.security-insider.de/microsoft-sicherheitsluecke-cve-2026-21509-office-update-a-bcf2b30c791d0772c56512f96c0c97f1/
-
Fixes released for a serious Microsoft Office zero-day flaw
This article originally appeared on Computerworld. First seen on csoonline.com Jump to article: www.csoonline.com/article/4123146/fixes-released-for-a-serious-microsoft-office-zero-day-flaw-2.html
-
Microsoft Issues Emergency Patch for Active Office Zero-Day
Microsoft released an emergency Office patch to fix an actively exploited zero-day flaw that lets attackers bypass security via malicious files. The post Microsoft Issues Emergency Patch for Active Office Zero-Day appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-microsoft-office-zero-day-emergency-patch-january-2026/
-
Microsoft Rushes Emergency Patch for Office Zero-Day
To exploit the vulnerability, an attacker would need either system access or be able to convince a user to open a malicious Office file. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/microsoft-rushes-emergency-patch-office-zero-day
-
U.S. CISA adds Microsoft Office, GNU InetUtils, SmarterTools SmarterMail, and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog
Tags: cisa, cybersecurity, exploit, flaw, infrastructure, kev, linux, microsoft, office, vulnerabilityU.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Office, GNU InetUtils, SmarterTools SmarterMail, and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Microsoft Office, GNU InetUtils, SmarterTools SmarterMail, and Linux Kernel flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog:…
-
Microsoft Issues Emergency Patch for Active Office Zero-Day
Microsoft issued an emergency patch for an actively exploited Microsoft Office zero-day enabling code execution. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/microsoft-issues-emergency-patch-for-active-office-zero-day/
-
UK plans sweeping overhaul of policing amid surge in online crimes
The British Home Office published proposals that would include the creation of a new National Police Service, described by officials as Britain’s equivalent of the FBI. First seen on therecord.media Jump to article: therecord.media/uk-national-policing-overhaul-cybercrime
-
Office zero-day exploited in the wild forces Microsoft OOB patch
Another actively abused Office bug, another emergency patch Office 2016 and 2019 users are left with registry tweaks instead of fixes. First seen on theregister.com Jump to article: www.theregister.com/2026/01/27/office_zeroday_exploited_in_the/
-
Microsoft Releases Patch for Office Zero Day Amid Evidence of Exploitation
Microsoft urged customers running Microsoft Office 2016 and 2019 to apply the patch to be protected First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/microsoft-patch-office-zero-day/
-
Microsoft reveals actively exploited Office zero-day, provides emergency fix (CVE-2026-21509)
Microsoft released emergency Office security updates to fix a security feature bypass vulnerability (CVE-2026-21509) that its threat intelligence and security teams spotted … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/27/microsoft-reveals-actively-exploited-office-zero-day-provides-emergency-fix-cve-2026-21509/
-
Microsoft bringt Notfallpatch: Office-Nutzer werden über Zero-Day-Lücke attackiert
Eine gefährliche Sicherheitslücke betrifft alle gängigen Office-Versionen. Angesichts der aktiven Ausnutzung sollten Anwender zügig patchen. First seen on golem.de Jump to article: www.golem.de/news/microsoft-bringt-notfallpatch-office-nutzer-werden-ueber-zero-day-luecke-attackiert-2601-204646.html
-
Emergency Microsoft update fixes inwild Office zero-day
Microsoft issued emergency updates to fix an actively exploited Office zero-day, CVE-2026-21509, affecting Office 20162024 and Microsoft 365 Apps. Microsoft released out-of-band security updates to address an actively exploited Office zero-day vulnerability tracked as CVE-2026-21509. The issue is a security feature bypass vulnerability that affects multiple Office versions, including Microsoft Office 2016, Microsoft Office 2019,…
-
Microsoft patches actively exploited Office zero-day vulnerability
Microsoft has released emergency security updates to patch a high-severity Office zero-day vulnerability exploited in attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-patches-actively-exploited-office-zero-day-vulnerability/
-
UK border tech budget swells by £100M as Home Office targets small boat crossings
Drone, satellite, and other data combined to monitor unwanted vessels First seen on theregister.com Jump to article: www.theregister.com/2026/01/24/home_office_small_boats/
-
Filling the Most Common Gaps in Google Workspace Security
Security teams at agile, fast-growing companies often have the same mandate: secure the business without slowing it down. Most teams inherit a tech stack optimized for breakneck growth, not resilience. In these environments, the security team is the helpdesk, the compliance expert, and the incident response team all rolled into one.Securing the cloud office in…
-
Warum Microsoft-365-Konfigurationen geschützt werden müssen
Tags: access, authentication, backup, ciso, cloud, compliance, framework, least-privilege, mail, mfa, microsoft, office, powershell, risk, zero-trustLesen Sie, warum CISOs den M365-Tenant stärker in den Blick nehmen müssen.Im Jahr 2010 war Office 365 eine einfache Suite mit Office-Anwendungen und zusätzlicher E-Mail-Funktion. Das hat sich 15 Jahre später mit Microsoft 365 geändert: Die Suite ist ein wesentliches Element in den Bereichen Kommunikation, Zusammenarbeit und Sicherheit. Dienste wie Entra, Intune, Exchange, Defender, Teams…
-
ClickFix to CrashFix: KongTuke Used Fake Chrome Ad Blocker to Install ModeloRAT
Huntress discovers ‘CrashFix,’ a new attack by KongTuke hacker group using fake ad blockers to crash browsers and trick office workers into installing ModeloRAT malware. First seen on hackread.com Jump to article: hackread.com/clickfix-crashfix-kongtuke-fake-chrome-ad-blocker-modelorat/