Russian state-sponsored group APT28, also known as Fancy Bear, exploited CVE-2026-21509 in a fast-moving espionage campaign against European governments. They targeted military, transport, and diplomatic entities in Poland, Slovenia, Turkey, Greece, the UAE, and Ukraine using spearphishing emails with malicious Office documents.​ APT28 weaponized CVE-2026-21509 within 24 hours of its disclosure on January 26, 2026. […] The post APT28 Uses Microsoft Office Vulnerability To Breach Government System appeared first on Cyber Security News.