Key Findings: Russia-linked APT28 reportedly exploited MSHTML zero-day CVE-2026-21513 (CVSS 8.8) before Microsoft patched it in February 2026 The vulnerability is an Internet Explorer security control bypass that can lead to code execution when a victim opens a malicious HTML page or LNK file Akamai researchers found a malicious sample uploaded to VirusTotal on January 2026 tied to infrastructure linked to APT28 The exploit relies on nested iframes and multiple DOM contexts t
