"The recent exploitation of CVE-2026-21509 by Russia's APT28 group, just days after Microsoft disclosed and patched it, isn't merely another security incident to file away. It's a flashing red warning indicator that the aggregation risk and our dependence on a default software platform is creating systemic risk in a world where spreadsheets and spyware are equally viable warfare tools."
"APT28, also known as Fancy Bear, BlueDelta and Forest Blizzard, isn't some shadowy newcomer. This unit of Russia's GRU military intelligence has been wreaking havoc since at least 2007. They may have interfered in the 2016 US presidential election, compromised the World Anti-Doping Agency, targeted Nato, and they are credited with conducting countless operations against Ukrainian infrastructure. They're sophisticated, relentless, and have a particular fondness for Microsoft's ecosystem."
"Three days later, malicious documents exploiting that exact flaw started circulating in Ukraine. Phishing lure files appear to have been crafted within 24 hours of Microsoft disclosing the software flaw, a single day after the patch dropped. Think about that timeline - this is an adversary that was either tipped off, had advance access, or was already weaponising the vulnerability before the patch even existed."
Russia's APT28 exploited CVE-2026-21509 in Microsoft Office just days after Microsoft disclosed and patched the flaw. The group rapidly weaponized malicious documents that began circulating in Ukraine within three days of the out-of-band patch, with phishing lures appearing within 24 hours of disclosure and one day after the patch. APT28 has operated since at least 2007, conducting operations against elections, sporting agencies, NATO, and Ukrainian infrastructure, consistently targeting Microsoft's ecosystem. The speed of exploitation suggests prior access, advance knowledge, or insider tipping. Heavy dependence on a default productivity platform concentrates systemic risk as spreadsheets become vectors for state-level cyber warfare.
Read at ComputerWeekly.com
Unable to calculate read time
Collection
[
|
...
]