How state-sponsored actors turned a patched Office flaw into active cyber weapons targeting Ukraine

Weekly insights on threats, vulnerabilities, and security best practices.

Russian threat actors are exploiting CVE-2026-21509 in Microsoft Office just days after its patch release. This rapid weaponization highlights the urgent need for accelerated patch management processes.

Russian hackers are actively exploiting CVE-2026-21509, a recently patched Microsoft Office vulnerability, targeting Ukrainian infrastructure. Learn how to defend.

Threat actors weaponize OAuth 2.0 Device Authorization flow with vishing campaigns to compromise Microsoft Entra accounts across technology, manufacturing, and financial sectors.