APT28 Launches Espionage-Focused Malware Attacks
A series of attacks exploiting a newly disclosed security flaw in Microsoft Office has been attributed to the Russia-linked state-sponsored threat actor APT28. The campaign, codenamed Operation Neusploit, was observed by Zscaler ThreatLabz on January 29, 2026.
The attacks targeted users in Ukraine, Slovakia, and Romania, leveraging the vulnerability to gain unauthorized access to sensitive information. APT28, also known as UAC-0001, is known for its sophisticated tactics and techniques in espionage-focused malware attacks.
- The vulnerability, identified as CVE-2026-21509, affects Microsoft Office and allows attackers to execute arbitrary code on compromised systems.
- APT28's use of this vulnerability highlights the group's ability to quickly adapt and exploit newly disclosed flaws in popular software.
- Users in Ukraine, Slovakia, and Romania have been targeted in the attacks, but the campaign's scope may be broader, posing a risk to organizations worldwide.
To mitigate the risk of falling victim to these attacks, users are advised to apply the latest security patches to their Microsoft Office software and remain vigilant for suspicious activity.