Russia-linked attackers are reportedly using a new Microsoft vulnerability as part of a coordinated espionage and malware campaign, Operation Neusploit. The campaign was spotted in January 2026 by Security researchers at ZScaler ThreatLabz, three days after Microsoft issued an urgent patch for the flaw. “In this campaign, the threat actor leveraged specially crafted Microsoft RTF files to exploit CVE-2026-21509 and deliver malicious backdoors in a multi-stage infection chain,” the researchers said in a blog post. “ThreatLabz observed active in-the-wild exploitation on January 29, 2026.” The campaign targeted users in parts of Central and Eastern Europe, including Ukraine, Slovakia, and Roman...