Mar 32026 APT28 Tied to CVE-2026–21513 MSHTML 0-Day Exploited Before Feb 2026 Patch Tuesday APT28 exploited CVE-2026–21513, an MSHTML zero-day (CVSS 8.8), using malicious LNK files to bypass security controls and execute code.
