APT28 Exploits Microsoft Office Zero-Day

Russian-backed hackers from APT28 are exploiting a newly discovered Microsoft Office zero-day vulnerability, according to Ukraine’s CERT. The agency warned that APT28 exploits Microsoft Office through this flaw, moving from public disclosure to active use within days. The speed of the exploitation underscores the growing efficiency of targeted cyber threats.

Security researchers say attackers are using the bug to compromise systems in Ukraine and potentially beyond. The vulnerability appears dangerous because it allows code execution without significant user interaction. Although Microsoft has not yet released a patch, organizations are urged to apply available mitigations.

Ukraine’s government continues to monitor the situation closely as more evidence emerges of early-stage targeting. CERT-UA confirmed signs of active exploitation but did not disclose specific attack vectors or impacted entities.

This latest incident amplifies growing concerns about zero-day vulnerabilities and their rapid weaponization. As APT28 exploits Microsoft Office vulnerabilities faster, organizations must remain alert.

https://www.theregister.com/2026/02/02/russialinked_apt28_microsoft_office_bug/