Tuesday, 3 February 2026

Cybersecurity & Cloud Digest — 2026-02-03 19:01

```html

Curated Digest: Cybersecurity in Networking and Cloud

APT28 Uses Microsoft Office CVE-2026-21509 in Espionage-Focused Malware Attacks

The notorious Russian hacking group APT28 has been linked to attacks exploiting a newly discovered vulnerability in Microsoft Office, identified as CVE-2026-21509. These attacks, part of a campaign dubbed Operation Neusploit, have primarily targeted users in Ukraine, Slovakia, and Romania.

Why it matters: This incident underscores the ongoing threat posed by state-sponsored actors and highlights the importance of timely patching and vulnerability management in organizational cybersecurity strategies.

Source

When Cloud Outages Ripple Across the Internet

Recent outages from major cloud service providers like AWS, Azure, and Cloudflare have caused widespread disruptions, impacting numerous websites and applications. These incidents reveal the interconnectedness of cloud services and the potential for cascading failures across the internet.

Why it matters: Understanding the implications of cloud outages is crucial for IT professionals as they design more resilient architectures and develop contingency plans to minimize downtime and service disruption.

Source

Notepad++ Hosting Breach Attributed to China-Linked Lotus Blossom Hacking Group

The Lotus Blossom hacking group, associated with China, has been implicated in a breach of the infrastructure hosting Notepad++. This breach facilitated the deployment of a new backdoor, known as Chrysalis, targeting users of the popular open-source text editor.

Why it matters: This incident highlights the risks associated with open-source software and the need for robust security measures to protect against state-sponsored threats that exploit widely-used applications.

Source

Cisco is Proud to Champion the UK’s Software Security Code of Practice

Cisco has taken a proactive stance in supporting the UK's Software Security Code of Practice, aimed at enhancing the security of software supply chains. This initiative seeks to build greater trust in digital services by establishing clear security benchmarks for software development.

Why it matters: For security practitioners, this code represents a significant step towards standardized security practices in software development, which can help mitigate vulnerabilities and enhance overall cybersecurity posture.

Source

Can Europe’s Digital Markets Act and Data Act Rein in Cloud Hyperscalers?

The European Union's Digital Markets Act and Data Act aim to regulate cloud service providers and promote fair competition. These legislative measures are designed to address concerns about the dominance of major cloud hyperscalers and their impact on the market.

Why it matters: Security and network professionals should stay informed about these regulations, as they could influence compliance requirements and operational strategies for organizations leveraging cloud services in Europe.

Source

Quick Takeaways

  • State-sponsored actors continue to exploit vulnerabilities in widely-used software.
  • Cloud outages can have significant ripple effects across the internet, necessitating better resilience planning.
  • Open-source software remains a target for sophisticated cyber threats.
  • Standardized security practices are critical for enhancing software supply chain security.
  • Regulatory measures in Europe may reshape the cloud service landscape and compliance requirements.

Sources

```
at