UAC-0001 (APT28) Actively Exploits CVE-2026-21509 via Microsoft Office to Target Ukraine and EU Countries

Executive Summary: In late January 2026, CERT-UA issued a critical alert regarding the active exploitation of CVE-2026-21509, a vulnerability affecting Microsoft Office. The vulnerability is being leveraged by the threat actor UAC-0001, attributed to the Russian state-sponsored group APT28 (Fancy Bear). Observed attacks primarily target Ukrainian governmental institutions, but multiple European Union organizations have also…

Fortinet Releases Patches Following Active Exploitation of CVE-2026-24858

Context: CISA published an alert on January 28, 2026, regarding active exploitation of vulnerability CVE-2026-24858 affecting multiple Fortinet products. This flaw was added to CISA’s KEV (Known Exploited Vulnerabilities) catalog on January 27, 2026. Fortinet has released patches and recommendations to remediate this critical authentication bypass vulnerability. Technical Description of the Vulnerability: CVE-2026-24858 is an…

January 2026 Patch Tuesday

Executive Summary: In January 2026, Microsoft’s Patch Tuesday addressed 114 vulnerabilities, including 8 Critical flaws primarily in Windows and Office. The release fixed multiple remote code execution (RCE) and elevation of privilege (EoP) bugs. Microsoft confirmed one actively exploited zero-day (CVE-2026-20805) and two publicly disclosed issues patched this month (CVE-2023-31096 and CVE-2026-21265). One publicly known…

UAC-0190 Targeted Attacks Against Ukraine’s Defense Forces Using the PLUGGYAPE Malware

Ref.: UAC-0190 Targeted Attacks Against Ukraine’s Defense Forces Using the PLUGGYAPE Malware (CERT-UA#19092). Executive Summary: Background: In the period from October to December 2025, Ukraine’s governmental Computer Emergency Response Team (CERT-UA), in cooperation with the Cyber Incident Response Team of the Armed Forces of Ukraine (military unit A0334), investigated a series of targeted cyberattacks against…

NIST IR 8597: Publication of Interagency Report on Cloud Token and Assertion Protection

Executive Summary: On December 22, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) and the National Institute of Standards and Technology (NIST) published the initial draft of interagency report IR 8597 “Protecting Tokens and Assertions from Forgery, Theft, and Misuse”. This document is subject to public consultation until January 30, 2026, with comments submitted to…

Top 25 CWE 2025 – Technical Analysis

Executive Summary: The 2025 CWE Top 25 by MITRE highlights the most prevalent and dangerous software weaknesses, derived from an analysis of 39,080 CVE records published between mid-2024 and mid-2025. These weaknesses – often easy to find and exploit – account for a large share of critical vulnerabilities that enable adversaries to fully compromise systems,…