5 matches found
Op Neusploit: Russian APT28 Uses Microsoft Office Flaw in Malware Attacks
A new campaign by the Russian-linked group APT28, called Op Neusploit, exploits a Microsoft Office flaw to steal emails for remote control of devices in Ukraine, Slovakia, and Romania...
CVE-2025-24080
CVE-2025-24080 is a Microsoft Office remote code execution vulnerability caused by a use-after-free in Office components. The CVSS-3.1 vector indicates local access required, with user interaction and high impact to confidentiality, integrity, and availability. Public details in connected sources...
'Lone Wolf' Hacker Group Targeting Afghanistan and India with Commodity RATs
A new malware campaign targeting Afghanistan and India is exploiting a now-patched, 20-year-old flaw affecting Microsoft Office to deploy an array of commodity remote access trojans RATs that allow the adversary to gain complete control over the compromised endpoints. Cisco Talos attributed the...
‘Lone Wolf’ APT Uses Commodity RATs
An APT described as a “lone wolf” is exploiting a decades-old Microsoft Office flaw to deliver a barrage of commodity RATs to organizations in India and Afghanistan, researchers have found. Attackers use political and government-themed malicious domains as lures in the campaign, which targets...
A week in security (October 22 – 28)
Last week on Malwarebytes Labs, we took a look at some new Mac malware, gave you a roundup of 2018 exploit kits, and dispensed some advice on sextortion scams. We also looked at the Cathay Pacific breach, groaned at the revival of an old browser trick, and explained how voting machines and...