A hole in Microsoft Office is being exploited by bad actors, including Russian hackers targeting Ukraine's government.

DEAD#VAX campaign delivers AsyncRAT via IPFS-hosted VHD phishing files, using fileless memory injection and obfuscated ...

It's believed that, between June and November 10/December 2, 2025 (independent security experts and its hosting provider ...

Cybersecurity investigators have identified a new cyberattack campaign connected to the Russia-linked hacking group APT28, ...

Rapid7 links China-linked Lotus Blossom to a 2025 Notepad++ hosting breach that delivered the Chrysalis backdoor via hijacked updates, fixed in v8.8.9 ...

APT28's attacks use specially crafted Microsoft Rich Text Format (RTF) documents to kick off a multistage infection chain to deliver malicious payloads.

The group targets telecoms, critical infrastructure - all the usual high-value orgs Security researchers have attributed the ...

Ukraine's Computer Emergency Response Team (CERT) says that Russian hackers are exploiting CVE-2026-21509, a recently patched vulnerability in multiple versions of Microsoft Office.

In an alert published on Sunday, CERT-UA says the activity is being driven by UAC-0001, better known as "APT28" or "Fancy ...

Two malware campaigns weaponize open-source software to target executives and cloud systems, combining social engineering ...

Russia-linked hacking group Fancy Bear is exploiting a brand-new vulnerability in Microsoft Office, CERT-UA says ...

The modular Windows RAT uses in-memory execution and live operator control to maintain persistence and exfiltrate sensitive ...