Microsoft Office Zero-Day Exploited Days After Emergency Patch, Update ASAP

A hole in Microsoft Office is being exploited by bad actors, including Russian hackers targeting Ukraine's government.
CSO Online

Russian hackers exploited a critical Office bug within days of disclosure

Within days of Microsoft patching a critical Office zero-day, the Russia-linked group “APT28” was already exploiting the flaw in a live campaign tracked as Operation Neusploit.

New Amaranth Dragon cyberespionage group exploits WinRAR flaw

A new threat actor called Amaranth Dragon, linked to APT41 state-sponsored Chinese operations, exploited the CVE-2025-8088 ...