The recent exploitation of CVE-2026-21509 by Russia’s APT28 group, just days after Microsoft disclosed and patched it, isn’t merely another security incident to file away. It’s a flashing red warning indicator that the aggregation risk and our dependence on a default software platform is creating systemic risk in a world where spreadsheets and spyware are equally viable warfare tools.
APT28, also known as Fancy Bear, BlueDelta and Forest Blizzard, isn’t some shadowy newcomer. This unit of Russia’s GRU military intelligence has been wreaking havoc since at least 2007. They may have interfered in the 2016 US presidential election, compromised the World Anti-Doping Agency, targeted Nato, and they are credited with conducting countless operations against Ukrainian infrastructure. They’re sophisticated, relentless, and have a particular fondness for Microsoft’s ecosystem.
In recent years, they’ve exploited vulnerabilities in Microsoft Exchange, Outlook, and now Office itself. Their tradecraft isn’t opportunistic – it’s industrial-scale cyber warfare executed with military precision.
Severe Office vulnerability
Only recently we witnessed their latest attack. The timeline gives rise for concern as Microsoft issued an out-of-band patch for a high-severity Office vulnerability on 26 January.
Three days later, malicious documents exploiting that exact flaw started circulating in Ukraine. Phishing lure files appear to have been crafted within 24 hours of Microsoft disclosing the software flaw, a single day after the patch dropped.
Think about that timeline – this is an adversary that was either tipped off, had advance access, or was already weaponising the vulnerability before the patch even existed.
This is an adversary that was either tipped off, had advance access, or was already weaponising the vulnerability before the patch even existed Bill McCluggage
CVE-2026-21509 is a security feature bypass – the kind of flaw that tricks users into opening crafted Office files that deliver MiniDoor malware, designed to harvest and exfiltrate victims’ emails, along with PixyNetLoader malware, designed to implant malicious software on compromised systems.
The problem is structural. IT professionals know that deploying patches isn’t instantaneous. They take time, albeit in some cases automated updates can be relatively quick. But in a conflict zone wrestling with bandwidth constraints, outdated systems, and limited access to enterprise-grade licensing, that vulnerability window becomes a chasm.
If Ukrainian organisations are running older Office builds because they lack resources for restrictive, subscription-based licensing, or can’t afford IT automation for patching, they’re sitting ducks. This is a strategic liability, and other nations need to understand the systemic risk they too face.
Microsoft’s patching cadence deserves further scrutiny, and this incident highlights that recognition delays matter, even outside of active conflict zones. When vulnerabilities are actively exploited before patches arrive or are installed, we’re no longer managing risk, we’re into documenting damage and incident recovery.
Delays in Microsoft patch deployment shouldn’t be inevitable – when your patch management depends on manual schedules, restricted bandwidth, or enterprise support you can’t access, that delay becomes a shooting gallery for groups like APT28.
Recent Azure outages, whether from cyber attacks or botched updates, have demonstrated how a single point of failure implanted in Redmond can cascade globally. When national governments, critical infrastructure, and essential services run on cloud platforms controlled by one company, we’re not just talking about vendor lock-in. We’re talking about digital colonialism disguised as convenience that introduces systemic risk.
Market concentration compounds this risk. When a single platform is effectively the default across governments and corporations globally, vulnerabilities don’t fail in isolation – they fester and spread.
Licensing models and interoperability barriers that discourage diversification entrench this monoculture. The result is aggregation risk on a geopolitical scale – its bugs are potential weapons in grey-zone conflicts where every user is a potential target, and every attachment could be a trap.
This isn’t just a cyber security challenge – it’s a market structure problem. Structural risks require structural remedies. Bodies like the UK Competition and Markets Authority (CMA) and the European Commission’s Directorate-General for Competition have a clear role here, by ensuring that concentration in productivity and cloud services does not translate into national and global security vulnerabilities.
The ability to diversify and introduce real competition in secure cloud and productivity ecosystems is becoming a matter of digital sovereignty and defence resilience.
The way forward
So what’s the path forward? Microsoft must rethink vulnerability disclosure and patching for high-impact products introducing faster mitigation pathways and protective heuristics that can be deployed before formal patches are released.
Enterprises and governments need to invest in automated patch management and redundancy planning.
And regulators need to recognise that monoculture is inseparable from security risk.
The next frontier of cyber security policy isn’t just about defending networks – it’s about making markets safer by design.
Bill McCluggage was director of IT strategy and policy in the Cabinet Office and deputy government CIO from 2009 to 2012.
The largest western AI labs are taking a break from sniping at one another to partner on a new accelerator program for European startups building applications on top of their models. Paris-based incubator Station F will run the program, named F/ai.
On Tuesday, Station F announced it had partnered with Meta, Microsoft, Google, Anthropic, OpenAI and Mistral, which it says marks the first time the firms are all participating in a single accelerator. Other partners include cloud and semiconductor companies AWS, AMD, Qualcomm, and OVH Cloud.
An accelerator is effectively a crash course for early-stage startups, whereby founders attend classes and lectures, consult with specialists, and receive introductions to potential investors and customers. The broad aim is to help startups bring ideas to market as quickly as possible.
The 20 startups in each F/ai cohort will undergo a curriculum geared specifically toward helping European AI startups generate revenue earlier in their lifecycle, in turn making it easier to secure the funding required to expand into the largest global markets. “We’re focusing on rapid commercialization,” says Roxanne Varza, director at Station F, in an interview with WIRED. “Investors are starting to feel like, ‘European companies are nice, but they’re not hitting the $1 million revenue mark fast enough.’”
The accelerator will run for three months, twice a year. The first edition began on January 13. Station F has not revealed which startups make up the cohort, but many were recommended by Sequoia Capital, General Catalyst, Lightspeed, or one of the other VC firms involved in the program. The startups are all building AI applications on top of the foundational models developed by the partnering labs, in areas ranging from agentic AI to procurement and finance.
In lieu of direct funding, participating founders will receive more than $1 million in credits that can be traded for access to AI models, compute, and other services from the partner firms.
With very few exceptions, European companies have so far lagged behind their American and Chinese counterparts at every stage of the AI production line. To try to close that gap, the UK and EU governments are throwing hundreds of millions of dollars at attempts to support homegrown AI firms, and develop the domestic data center and power infrastructure necessary to train and operate AI models and applications.
In the US, tech accelerators like Y Combinator have produced a crop of household names, including Airbnb, Stripe, DoorDash, and Reddit. OpenAI was itself established in 2015 with the help of funding from Y Combinator’s then research division. Station F intends for F/ai to have a similar impact in Europe, making domestic AI startups competitive on the international stage. “It’s for European founders with a global ambition,” says Varza.
The program also represents a chance for the US-based AI labs to sow further seeds in Europe, using subsidies to incentivize a new generation of startups to build atop their technologies.
Once a developer begins to build on top of a particular model, it is rarely straightforward to swap to an alternative, says Marta Vinaixa, partner and CEO at VC firm Ryde Ventures. “When you build on top of these systems, you’re also building for how the systems behave—their quirkiness,” she says. “Once you start with a foundation, at least for the same project, you’re not going to change to another.”
The earlier in a company’s lifecycle it begins to develop on top of a particular model, says Vinaixa, the more that effect is magnified. “The sooner that you start, the more that you accumulate, the more difficult it becomes,” she says.
There isn’t a one-size-fits-all when it comes to toys aimed at providing accessibility or inclusion, just like there isn’t one type of disability. Very few toys or brands are actually made with disability at the forefront, the exception being Cute Little Fuckers, a queer,- trans-, and disabled-owned sex toy brand. (I tested three of the brand’s toys, above.)
So instead, I thought of my own needs as someone with upper-limb disabilities, and I talked to other disabled folks, including those who use wheelchairs or have lower-body disabilities, to find out what they look for in their sex toys. This included tools like slings, pillows, and chairs that help with positioning during sex (or solo play). (More on that below.)
Since I have a vagina and upper limb disabilities, many of the toys I tested were aimed at people like me, but many, like app-connected G-spot and clitoral toys, have similar versions with the same in-app features, except for people with penises or those that prefer anal play.
I took many factors intro consideration, including weight, length, girth; whether the toy was easy to hold or could be wedged; if you could just lie on it or use in multiple positions; and if it could be controlled via buttons (and how difficult those might be to press), in-app, or with a remote control. Once the individual realizes what they need from a toy to make it work for their body and ability, it’ll be easier to narrow down the toy that’d work best.
I tested several sex toy holders, including those that fit into a pillow for mounting or lying, and a sex toy holder that suctions to surfaces or straps into place. I also tested several toys that someone can just grind against, lie on, or sit on.
I wasn’t able to test a hand harness to keep the toy in your hand, as it didn’t fit my small hand, but these can be a more controlled way to hold a sex toy rather than wedging with pillows, grinding on, or using a surface mount.
The Liberator Wedge also came highly recommended to me, but I also wasn’t able to test it. This angled pillow makes sex easier for those in non-normative bodies or for those who suffer from pain, as they can reach the angles and positions needed to relieve pressure. As I mentioned above, a pillow also helps to achieve deeper penetration with partners with smaller penises or bigger bodies, where genitals can be trickier to reach without additional help.
Brands like IntimateRider make chairs and sex accessories for wheelchair users, paraplegics, and others who have spinal cord injuries and similar disabilities where traditional sex may not be an option without these valuable tools.
Employees at Salesforce are circulating an internal letter to chief executive Marc Benioff calling on him to denounce recent actions by US Immigration and Customs Enforcement, prohibit the use of Salesforce software by immigration agents, and back federal legislation that would significantly reform the agency.
The letter specifically cites the “recent killings of Renee Good and Alex Pretti in Minneapolis” as catalysts, calling them the “devastating indictment of a system that has discarded human decency.” It’s unclear how many signatories the letter has received so far.
The letter, which has not been reported on previously, is being organized amid Salesforce’s annual leadership kickoff event this week in Las Vegas. During an appearance at the event earlier today, Benioff asked international employees to stand to thank them for attending. He then joked that ICE agents were in the building monitoring them, according to current and former Salesforce employees who spoke to WIRED.
Benioff’s remarks sparked immediate backlash among employees. “Lots of people are furious,” says one source, who asked to remain anonymous for fear of retaliation. Another source tells WIRED that the internal pushback today was significantly more forceful than after Benioff made other controversial comments last fall supporting President Trump’s call to deploy the National Guard to San Francisco to address crime.
Salesforce did not immediately respond to a request for comment from WIRED. Business Insider and 404 Media previously reported on Benioff’s remarks and the reaction to them inside Salesforce.
“We are deeply troubled by leaked documentation revealing that Salesforce has pitched AI technology to U.S. Immigration and Customs Enforcement to help the agency ‘expeditiously’ hire 10,000 new agents and vet tip-line reports,” the letter reads. “Providing ‘Agentforce’ infrastructure to scale a mass deportation agenda that currently detains 66,000 people—73 percent of whom have no criminal record—represents a fundamental betrayal of our commitment to the ethical use of technology.”
The letter argues that Benioff’s voice “carries unique weight in Washington,” pointing to an episode last fall when Trump called off an ICE deployment in San Francisco after what appeared to be outreach from Bay Area tech leaders, including Benioff and Nvidia CEO Jensen Huang. It urges Benioff to use that influence as a “corporate statesman” to issue a public statement condemning what it calls ICE’s unconstitutional conduct and to commit Salesforce to clear “red lines” barring the use of its cloud and AI products for state violence.
Benioff has weighed in on both national and local political issues for years. He supported Democratic presidential candidate Hillary Clinton in 2016 and later became one of the most high-profile backers of Proposition C, a failed San Francisco ballot measure that would have raised taxes to fund programs to address homelessness. In 2020, he donated to the primary campaigns of some Democratic presidential candidates, including Kamala Harris.
But since Trump returned to the White House in January, Benioff has signaled greater support for some Republican leaders. In one interview, he said he strives to stay nonpartisan because he also owns Time magazine. But he also joked that, while he declined to contribute to Trump’s inauguration fund directly, he had “donated” a photo of the president on the magazine’s cover, which named him its 2024 Person of the Year. “He can use the Time magazine cover for free,” Benioff said in the interview with Fortune.
Benioff also faced backlash from Salesforce employees last fall when he suggested the National Guard should be sent to San Francisco to tackle crime ahead of the company’s annual conference in the city. He later apologized for the remarks, explaining they stemmed from genuine concerns about safety. He later reversed his stance and joined Nvidia’s Huang in asking Trump to refrain from sending troops.
Entertainment5 days ago
Tech1 week ago
Fashion1 week ago
Fashion1 week ago
Tech5 days ago