When Documents Become The Attack Vector: Inside Apt28's Latest Microsoft Office Exploit
Security Boulevard, Wednesday, February 4th, 2026
Email attachments remain one of the most trusted entry points into enterprise environments. Despite years of awareness training and secure email gateways, attackers continue to rely on documents because they blend seamlessly into everyday workflows.
New reporting from The Hacker News details how APT28, a Russia-linked threat actor, is actively exploiting a newly disclosed Microsoft Office vulnerability to gain initial access into targeted environments. The campaign highlights how modern adversaries increasingly abuse trusted applications and normal user behavior rather than relying on easily detectable malware techniques.
Rather than breaking security controls outright, the attack succeeds by operating entirely within expected enterprise workflows.