Tag: rtf-analysis

APT28 Exploits MSHTML Zero-Day; North Korean npm Campaign Evolves

Russian APT28 exploited CVE-2026-21513, an MSHTML zero-day vulnerability, before Microsoft's February patch. North Korean threat actors published 26 malicious npm packages using Pastebin for C2 infrastructure in their ongoing Contagious Interview campaign.