Web Scouter
Back to News
Security NewsHighIncidentvulnerability

APT28 Tied to CVE-2026-21513 MSHTML 0-Day Exploited Before Feb 2026 Patch Tuesday

UnknownMar 2, 2026(about 3 hours ago)

APT28 exploited a high-severity MSHTML Framework vulnerability (CVE-2026-21513) before Microsoft patched it.

A recently disclosed security flaw patched by Microsoft may have been exploited by the Russia-linked state-sponsored threat actor known as APT28, according to new findings from Akamai. The vulnerability in question is CVE-2026-21513 (CVSS score: 8.8), a high-severity security feature bypass affecting the MSHTML Framework. "Protection mechanism failure in MSHTML Framework allows an unauthorized

Related CVEs
CVE-2026-21513
Potentially Affected Vendors
Microsoft Azure

Vendors are matched automatically based on AI analysis. Verify with official sources.

Related News

Shutdown Stalls Compliance Plans for Cyber Breach Reporting Rule

Unknown27 minutes ago

Nick Andersen Appointed Acting Director of CISA

Unknown31 minutes ago

CISA Releases New Guidance on Assembling Multi-Disciplinary Insider Threat Management Teams

Unknownabout 1 hour ago

Get Personalized Alerts

Track vendors and receive alerts when security incidents affect your supply chain.

What We Monitor

Security Incidents

Data breaches, ransomware, and unauthorized access

Vulnerabilities

CVEs and vendor security advisories

Compliance Updates

Regulatory changes and certification news

Legal News

Privacy laws and enforcement actions

Vendor Directory

Browse our directory of SaaS vendors with security documentation and compliance information.