A recently disclosed security flaw patched by Microsoft may have been exploited by the Russia-linked state-sponsored threat actor known as APT28, according to new findings from Akamai.
The vulnerability in question is CVE-2026-21513 (CVSS score: 8.8), a high-severity security feature bypass affecting the MSHTML Framework.
“Protection mechanism failure in MSHTML Framework allows an unauthorized
Silver Dragon APT Group Exploits Google Drive for Covert Attacks on Europe, Asia
Silver Dragon is a Chinese‑aligned APT group that has been targeting public sector and high‑profile organizations in Europe and Southeast Asia since at least mid‑2024,
