Tag: SOC

UAC-0001 (APT28) Actively Exploits CVE-2026-21509 via Microsoft Office to Target Ukraine and EU Countries

Executive Summary
In late January 2026, CERT-UA issued a critical alert regarding the active exploitation of CVE-2026-21509, a vulnerability affecting Microsoft Office. The vulnerability is being leveraged by the threat actor UAC-0001, attributed to the Russian state-sponsored group APT28 (Fancy Bear). Observed attacks primarily target Ukrainian governmental institutions, but multiple European Union organizations have also…

Fortinet Releases Patches Following Active Exploitation of CVE-2026-24858

Context
CISA published an alert on January 28, 2026, regarding active exploitation of vulnerability CVE-2026-24858 affecting multiple Fortinet products. This flaw was added to CISA’s KEV (Known Exploited Vulnerabilities) catalog on January 27, 2026. Fortinet has released patches and recommendations to remediate this critical authentication bypass vulnerability.
Technical Description of the Vulnerability
CVE-2026-24858 is an…

Top 25 CWE 2025 – Technical Analysis

Executive Summary
The 2025 CWE Top 25 by MITRE highlights the most prevalent and dangerous software weaknesses, derived from an analysis of 39,080 CVE records published between mid-2024 and mid-2025. These weaknesses – often easy to find and exploit – account for a large share of critical vulnerabilities that enable adversaries to fully compromise systems,…

Microsoft Patch Tuesday, December 2025.

Total vulnerabilities fixed: Microsoft’s December 2025 Patch Tuesday addresses 57 security flaws. Among these, 3 vulnerabilities are rated Critical (all remote code execution issues), with the remainder classified as Important (none are labeled as Moderate or Low this month). Note that Microsoft Edge updates (15 vulnerabilities) are not included here, as Edge was updated earlier…

CERT-UA Alert about UAC-0241

Executive Summary
Between May and November 2025, threat actor UAC-0241 conducted a campaign against educational institutions and government bodies in eastern Ukraine. The attack involved a compromised Gmail account distributing a ZIP archive containing a malicious LNK that triggered an HTA → JS → PowerShell execution chain. This led to the deployment of LAZAGNE, several…
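The LNK → HTA → JS → PowerShell chain described above is visible in process-creation telemetry as a parent/child lineage: the LNK is opened by explorer.exe, which spawns mshta.exe, which spawns a script host (wscript.exe or cscript.exe), which finally spawns powershell.exe. The following is an added detection example written for this page; it is not code from the CERT-UA alert or from the original post. The event schema (`pid`, `ppid`, `image`, `cmd`) is an assumption standing in for Sysmon Event ID 1 fields, and the events below are constructed, not real telemetry.

```python
from typing import Dict, List, Optional, Set

# Constructed sample of Sysmon-style process-creation events (Event ID 1).
# Field names are an assumption; map your own log schema onto them.
SAMPLE_EVENTS: List[Dict] = [
    # Malicious lineage: LNK opened from Explorer -> HTA -> JScript -> PowerShell
    {"pid": 100, "ppid": 4,   "image": r"C:\Windows\explorer.exe",
     "cmd": "explorer.exe"},
    {"pid": 201, "ppid": 100, "image": r"C:\Windows\System32\mshta.exe",
     "cmd": r'"C:\Windows\System32\mshta.exe" "C:\Users\u\Downloads\Lyst\Lyst.hta"'},
    {"pid": 202, "ppid": 201, "image": r"C:\Windows\System32\wscript.exe",
     "cmd": r'wscript.exe //E:jscript C:\Users\u\AppData\Local\Temp\stage.js'},
    {"pid": 203, "ppid": 202,
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     # "SQBFAFgA" is the UTF-16LE base64 of "IEX", a typical -enc payload prefix
     "cmd": "powershell.exe -nop -w hidden -enc SQBFAFgA"},
    # Benign admin activity: Explorer -> cmd -> PowerShell should NOT fire
    {"pid": 300, "ppid": 100, "image": r"C:\Windows\System32\cmd.exe",
     "cmd": "cmd.exe"},
    {"pid": 301, "ppid": 300,
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "cmd": "powershell.exe Get-Service"},
    # mshta.exe without a script host child should NOT fire either
    {"pid": 400, "ppid": 100, "image": r"C:\Windows\System32\mshta.exe",
     "cmd": r'mshta.exe C:\Tools\dashboard.hta'},
]

HTA_HOST = "mshta.exe"
SCRIPT_HOSTS: Set[str] = {"wscript.exe", "cscript.exe"}
TERMINALS: Set[str] = {"powershell.exe", "pwsh.exe"}


def basename(image: str) -> str:
    """Lower-cased file name of an image path, tolerant of / or \\ separators."""
    return image.replace("\\", "/").rsplit("/", 1)[-1].lower()


def ancestry(by_pid: Dict[int, Dict], pid: int, max_depth: int = 16) -> List[str]:
    """Image basenames from the oldest known ancestor down to `pid`.

    Stops at unknown parents, at `max_depth`, and on PID reuse cycles.
    """
    chain: List[str] = []
    seen: Set[int] = set()
    cur: Optional[Dict] = by_pid.get(pid)
    while cur is not None and len(chain) < max_depth and cur["pid"] not in seen:
        seen.add(cur["pid"])
        chain.append(basename(cur["image"]))
        cur = by_pid.get(cur["ppid"])
    chain.reverse()
    return chain


def has_encoded_command(cmd: str) -> bool:
    """True if the PowerShell command line carries -EncodedCommand (or an accepted abbreviation)."""
    for tok in cmd.lower().split():
        if tok in ("-e", "-ec", "-enc", "-encodedcommand"):
            return True
        # any unambiguous prefix of -EncodedCommand is accepted by powershell.exe
        if tok.startswith("-en") and "-encodedcommand".startswith(tok):
            return True
    return False


def find_hta_js_powershell_chains(events: List[Dict]) -> List[Dict]:
    """Flag PowerShell processes whose ancestry contains mshta.exe followed by a script host."""
    by_pid = {e["pid"]: e for e in events}
    findings: List[Dict] = []
    for e in events:
        if basename(e["image"]) not in TERMINALS:
            continue
        chain = ancestry(by_pid, e["pid"])
        if HTA_HOST not in chain:
            continue
        after_hta = chain[chain.index(HTA_HOST) + 1:]
        if any(p in SCRIPT_HOSTS for p in after_hta):
            findings.append({
                "pid": e["pid"],
                "chain": chain,
                "cmd": e["cmd"],
                "encoded_command": has_encoded_command(e["cmd"]),
            })
    return findings


if __name__ == "__main__":
    for f in find_hta_js_powershell_chains(SAMPLE_EVENTS):
        print(f["pid"], " -> ".join(f["chain"]), "encoded" if f["encoded_command"] else "")
```

The rule keys on lineage rather than on file names or hashes, so it survives renamed HTA and JS stages; the benign Explorer → cmd → PowerShell lineage and a lone mshta.exe do not match. Tune `TERMINALS` and `SCRIPT_HOSTS` to your environment, and treat `encoded_command` as a severity booster rather than a requirement, since the chain is suspicious on its own.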

Microsoft Patch Tuesday – November 2025

Fixing 63 Flaws Including 1 Active Zero-Day
You will find below my hot take on this historic Microsoft Patch Tuesday, following the official end of support for Windows 10… I hope you find it useful.
Executive Summary
Overview of the November 2025 Patch Tuesday
On November 11, 2025, Microsoft released its monthly batch of security…

The Ideal Workstation for a CERT Analyst: Incident Response, Forensics, and CTI

Example of a high-tech digital forensics workspace: multiple monitors, specialized equipment (write-blockers, duplicators), and secure storage, all isolated from the corporate network.
This article is an essay with a personal perspective. There are undoubtedly errors and strong positions, but I stand by them. Within a Computer Emergency Response Team (CERT), analysts are tasked with…