Microsoft Office Zero-Day Exploited Days After Emergency Patch, Update ASAP

A hole in Microsoft Office is being exploited by bad actors, including Russian hackers targeting Ukraine's government.
The Hacker News

APT28 Uses Microsoft Office CVE-2026-21509 in Espionage-Focused Malware Attacks

APT28 exploited a Microsoft Office flaw to deliver MiniDoor and Covenant Grunt malware in targeted attacks across Ukraine and Eastern Europe.
The Hacker News

Notepad++ Hosting Breach Attributed to China-Linked Lotus Blossom Hacking Group

Rapid7 links China-linked Lotus Blossom to a 2025 Notepad++ hosting breach that delivered the Chrysalis backdoor via hijacked updates, fixed in v8.8.9 ...

Russian hackers exploit recently patched Microsoft Office bug in attacks

Ukraine's Computer Emergency Response Team (CERT) says that Russian hackers are exploiting CVE-2026-21509, a recently patched vulnerability in multiple versions of Microsoft Office.
Infosecurity Magazine

Fancy Bear Exploits Microsoft Office Flaw in Ukraine, EU Cyber-Attacks

Russia-linked hacking group Fancy Bear is exploiting a brand-new vulnerability in Microsoft Office, CERT-UA says ...
GitHub

potato-exploits

A single stored procedure transformed into a multi-functional tool like a Swiss Army knife after exploitation — an attack-focused SQL CLR toolset: file system control, payload preparation, privilege ...
TWCN Tech News

How to disable Exploit Protection in Windows 11

Windows doesn’t offer a single switch to disable Exploit Protection completely. You can only disable individual mitigations system-wide or per app. We strongly recommend turning it off only for ...
Fox News

Hacker exploits AI chatbot in cybercrime spree

A hacker has pulled off one of the most alarming AI-powered cyberattacks ever documented. According to Anthropic, the company behind Claude, a hacker used its artificial intelligence chatbot to ...
Forbes

WhatsApp Security — New $1 Million 0-Click Messaging Exploit

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. Twice every year, some of the best hackers on the planet get ...
TweakTown

Nintendo Switch 2 exploit discovered that may lead to emulation

TL;DR: The Nintendo Switch 2 has a newly discovered userland ROP exploit allowing custom graphics display, revealing security vulnerabilities. This early hack signals potential risks for homebrew apps ...
IEEE

Your Exploit is Mine: Automatic Shellcode Transplant for Remote Exploits

Abstract: Developing a remote exploit is not easy. It requires a comprehensive understanding of a vulnerability and delicate techniques to bypass defense mechanisms. As a result, attackers may prefer ...
Forbes

VMware Hacked As $150,000 Zero-Day Exploit Dropped

Pwn2Own hackers use $150,000 exploit on VMware ESXi. The elite hackers attending Pwn2Own in Berlin have made hacking history by successfully deploying a zero-day exploit against VMware ESXi. Having ...