Cybersecurity Headlines Microsoft patches Office zero-day vulnerability, Indian users targeted by Blackmoon, Konni targets blockchain developers
18 snips
Jan 27, 2026 Microsoft issues an emergency Office patch for a actively exploited zero-day. Indian taxpayers are targeted by a tax-themed Black Moon phishing campaign. A DPRK-linked group is going after blockchain developers in Asia and Australia. CISA outlines post-quantum cryptography product categories and procurement guidance. Cloudflare experiences a 25-minute IPv6 BGP leak due to router misconfiguration.
AI Snips
Chapters
Transcript
Episode notes
Patch Or Mitigate Office Zero-Day Now
- Apply Microsoft’s emergency Office updates immediately for supported versions to stop active exploitation.
- Use Microsoft’s registry mitigations for Office 2016 and 2019 until official patches arrive.
Phishing Becomes Espionage Toolchain
- Attackers used local tax-themed phishing to turn a banking trojan into an espionage platform in India.
- Combining Black Moon with SyncFuture TSM shows triage of financial crime into persistent surveillance.
Dev-Focused Attacks Signal Longer Persistence
- North Korea-linked Connie shifted to target blockchain developers across APAC with AI-crafted lures.
- The campaign’s clean AI-generated PowerShell backdoor signals intent for longer-term persistence and credential theft.