Back

APT28 Exploits MSHTML Zero-Day Vulnerability in Windows

Severity: Critical (Score: 94.3)

Sources: Cyberpress, Scworld, Cybersecuritynews, Gbhackers

Summary

APT28 has actively exploited a zero-day vulnerability in MSHTML affecting all Windows versions, which has a CVSS score of 8.8. The vulnerability allows for security bypass and poses significant risks to users. A patch was released in February 2026 to address this issue.

Key Entities

  • Apt28 (apt_group)
  • Data Breach (attack_type)
  • Malware (attack_type)
  • Zero-day Exploit (attack_type)
  • CVE-2026-21513 (cve)
  • T1203 - Exploitation for Client Execution (mitre_attack)
  • Mshtml (platform)
  • Windows (platform)
  • Mshtml Zero-Day (vulnerability)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed