Russia-linked APT28 exploited MSHTML zero-day CVE-2026-21513 before patch

Russia-linked APT28 reportedly exploited MSHTML zero-day CVE-2026-21513 before Microsoft patched it, a high-severity bypass flaw. Akamai reports that Russia-linked APT28 may have exploited CVE-2026-21513 CVSS score of 8.8), a high-severity MSHTML vulnerability (CVSS 8.8), before Microsoft patched it in February 2026. The vulnerability is an Internet Explorer security control bypass that can lead to code […]

Android devices hit by exploited Qualcomm flaw CVE-2026-21385

securityaffairs.co - 03/Mar 10:03

Google confirms that the Qualcomm Android vulnerability CVE-2026-21385 was exploited in real-world attacks. Google has confirmed that CVE-2026-21385...

Hackers abused Cisco SD-WAN zero-day since 2023 to gain full admin control

securityaffairs.co - 26/Feb 11:40

Cisco SD-WAN vulnerability CVE-2026-20127 has been exploited since 2023 to gain unauthenticated admin access. A critical Cisco SD-WAN vulnerability,...

CVE-2026-20127: Cisco Catalyst SD-WAN Controller/Manager Zero-Day Authentication Bypass Vulnerability Exploited in the Wild

itsecuritynews.info - 25/Feb 20:34

Exploitation of a maximum severity authentication bypass zero-day vulnerability affecting Cisco Catalyst SD-WAN Controller and Manager has been...

CVE-2026-20127: Cisco Catalyst SD-WAN Controller/Manager Zero-Day Authentication Bypass Vulnerability Exploited in the Wild

itsecuritynews.info - 25/Feb 20:34

Exploitation of a maximum severity authentication bypass zero-day vulnerability affecting Cisco Catalyst SD-WAN Controller and Manager has been...

Rubriques :

Russia-linked APT28 exploited MSHTML zero-day CVE-2026-21513 before patch

Articles similaires

Android devices hit by exploited Qualcomm flaw CVE-2026-21385

Hackers abused Cisco SD-WAN zero-day since 2023 to gain full admin control

CVE-2026-20127: Cisco Catalyst SD-WAN Controller/Manager Zero-Day Authentication Bypass Vulnerability Exploited in the Wild

CVE-2026-20127: Cisco Catalyst SD-WAN Controller/Manager Zero-Day Authentication Bypass Vulnerability Exploited in the Wild

CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to KEV Catalog

CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to KEV Catalog

Microsoft CVE-2026-26119 Deep Dive

Microsoft CVE-2026-26119 Deep Dive

Critical Cisco SD-WAN bug exploited in zero-day attacks since 2023

Critical Cisco SD-WAN bug exploited in zero-day attacks since 2023

Les derniers communiqués