Russian Hackers Exploit Microsoft Office Bug Just 3 Days After Patch

APT28 exploits new Microsoft Office flaw in just 3 days, targeting Eastern Europe with 'Operation Neusploit' via phishing emails.

By Content Team

Feb 4, 2026

ON THIS PAGE

Share

---

ON THIS PAGE

Want more insights like this?

Subscribe to our newsletter to get the latest software protection strategies delivered to your inbox.

By submitting your email, you consent to Codekeeper contacting you and agree to our privacy policy.

Russia's APT28 hacking group weaponized a Microsoft Office vulnerability just three days after Microsoft released an emergency patch on January 26. The notorious cyber-espionage unit, linked to Russia's GRU military intelligence, launched "Operation Neusploit" on January 29, targeting organizations across Central and Eastern Europe.

The attackers use specially crafted documents to steal emails and deploy malware through a multi-stage infection chain. They're sending phishing emails in English, Romanian, Slovak, and Ukrainian to maximize their reach. APT28 employs geographic filtering to stay under the radar, only delivering malicious payloads to targeted regions.

Security experts call the three-day turnaround "absurd" and warn other threat actors will likely follow suit using publicly available proof-of-concept code.

Source: Dark Reading

Share this article

Have questions about protecting your software?

Our escrow experts are standing by to help.

Book a free demo

YOU MAY ALSO LIKE

Chained Vulnerabilities Let Attackers Backdoor Industrial Control Systems Running CODESYS

Apr 27, 2026

Signal Warns Users After Russian Hackers Target Officials Through Phishing Scams

Mar 11, 2026

Asian Cyberspy Group Infiltrates Government Systems Across 37 Countries

Feb 9, 2026

M&S Technology Chief Quits Less Than a Year After Cyber Attack

Jan 22, 2026