APT28 Tied to CVE-2026-21513 MSHTML 0-Day Exploited Before Feb 2026 Patch Tuesday

Published: 1 day ago (March 2, 2026 at 05:36 AM EST)

1 min read

Source: The Hacker News

A recently disclosed security flaw patched by Microsoft may have been exploited by the Russia‑linked state‑sponsored threat actor known as APT28, according to new findings from Akamai.

The vulnerability in question is CVE‑2026‑21513 (CVSS score: 8.8), a high‑severity security feature bypass affecting the MSHTML Framework.

“Protection mechanism failure in MSHTML Framework allows an unauthorized …”

Source: Akamai research

Back to Blog

Open-Source CyberStrikeAI Deployed in AI-Driven FortiGate Attacks Across 55 Countries

The threat actor behind the recently disclosed artificial intelligence AI-assisted campaign targeting Fortinet FortiGate appliances leveraged an open‑source, AI...

AI Agents: The Next Wave Identity Dark Matter - Powerful, Invisible, and Unmanaged

The Rise of MCPs in the Enterprise The Model Context Protocol MCP is quickly becoming a practical way to push LLMs from “chat” into real work. By providing str...

Starkiller Phishing Suite Uses AitM Reverse Proxy to Bypass Multi-Factor Authentication

!https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgOdnsC4miBmpXK8ZPV1kM1figMIfiqkQpUeAt8idIiZEFRCNt6AMaFSmpUaR215Hrw-XIGi6Zcl9vOgGO5ItB53gWlN_r8UxGz_y...

ClawJacked Flaw Lets Malicious Sites Hijack Local OpenClaw AI Agents via WebSocket

OpenClaw Fixes High‑Severity Security Issue ClawJacked !https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhMEZ7gMViZ9XlXs35FiyviBZR19FbDXmatfjhNRw59da...

Related posts

Open-Source CyberStrikeAI Deployed in AI-Driven FortiGate Attacks Across 55 Countries

AI Agents: The Next Wave Identity Dark Matter - Powerful, Invisible, and Unmanaged

Starkiller Phishing Suite Uses AitM Reverse Proxy to Bypass Multi-Factor Authentication

ClawJacked Flaw Lets Malicious Sites Hijack Local OpenClaw AI Agents via WebSocket