Ukraine's CERT-UA reported at 1:45 PM UTC on February 2, 2026, that Russian hacking group UAC-0001, also known as APT28 or FancyBear, is exploiting CVE-2026-21509 vulnerability using the COVENANT framework to target Ukraine and European Union entities, as posted on X during the reporting window from 12:16:39 PM to 1:45:33 PM UTC. CERT-UA provided details accessible only to Ukrainian users at https://cert.gov.ua/article/6287250, according to their official X account @_CERT_UA. The announcement highlights ongoing cyber threats from the Russian-linked group amid the conflict. This development follows Foreign Minister Kallas' earlier statement on Ukraine's readiness for difficult concessions in negotiations, as reported in the previous hour. No immediate impacts or mitigation steps were detailed in the CERT-UA post.
