Russian hackers are exploiting recently patched Microsoft Office vulnerability (CVE-2026-21509)

2026-02-03 17:02

Russian state-sponsored hackers Fancy Bear (aka APT 28) are exploiting CVE-2026-21509, a Microsoft Office vulnerability for which Microsoft released an emergency fix last week. The exploitation CVE-2026-21509 allows unauthorized attackers to bypass a security feature (OLE mitigations in Microsoft 365 and Microsoft Office) locally, by creating and tricking targets into opening booby-trapped Office files. On January 29, 2026 – three days after Microsoft released the aforementioned fix – Zscaler researchers flagged an email phishing campaign … More →

The post Russian hackers are exploiting recently patched Microsoft Office vulnerability (CVE-2026-21509) appeared first on Help Net Security.

This article has been indexed from Help Net Security

Read the original article:

Russian hackers are exploiting recently patched Microsoft Office vulnerability (CVE-2026-21509)

← DockerDash Exposes AI Supply Chain Weakness In Docker’s Ask Gordon

Promptware Threats Turn LLM Attacks Into Multi-Stage Malware Campaigns →

Russian hackers are exploiting recently patched Microsoft Office vulnerability (CVE-2026-21509)

Read the original article:

Like this:

Related

Read the original article:

Share this:

Like this:

Related

Post navigation