Microsoft Office vulnerability (CVE-2026-21509) in active exploitation
Categories: Threat Research
Tags: Microsoft Office, vulnerability, advisory
The U.K. National Cyber Security Centre (NCSC) has revealed that threat actors have exploited the recently disclosed security flaws impacting Cisco firewalls as part of zero-day attacks to deliver previously undocumented malware families like RayInitiator and LINE VIPER. “The RayInitiator and LINE VIPER malware represent a significant evolution on that used in the previous campaign,…
David Swan reports: Optus is facing a potential mammoth fine after Australia’s privacy watchdog launched civil Federal Court proceedings over a September 2022 cyberattack in which the personal information of nearly 10 million Australians was stolen. During the cyberattack, which was one of the worst in the nation’s history, hackers gained unauthorised access to the…
Tara Deschamps reports: Toys “R” Us Canada has notified customers of a data breach it says may have compromised their personal information. In an email sent to shoppers Thursday morning, the toy store said it learned on July 30 that someone had posted information on the “unindexed Internet” they claimed to have stolen from the…
Threat hunters are calling attention to a new variant of a remote access trojan (RAT) called Chaos RAT that has been used in recent attacks targeting Windows and Linux systems. According to findings from Acronis, the malware artifact may have been distributed by tricking victims into downloading a network troubleshooting utility for Linux environments. “Chaos…
The Final FFIEC Guidance has been issued and its main intent is to reinforce the 2005 Guidance’s risk management framework and update the Agencies’ expectations regarding customer authentication, layered security, or other controls in the increasingly hostile online environment.
Cybersecurity researchers have uncovered multiple security flaws in Dell’s ControlVault3 firmware and its associated Windows APIs that could have been abused by attackers to bypass Windows login, extract cryptographic keys, as well as maintain access even after a fresh operating system install by deploying undetectable malicious implants into the firmware. The vulnerabilities have been codenamed