The Hacker News

APT28 Tied to CVE-2026-21513 MSHTML 0-Day Exploited Before Feb 2026 Patch Tuesday

APT28 exploited CVE-2026-21513, an MSHTML zero-day (CVSS 8.8), using malicious LNK files to bypass security controls and execute code.

Android gets patches for Qualcomm zero-day exploited in attacks

Google has released security updates to patch 129 Android security vulnerabilities, including an actively exploited zero-day flaw in a Qualcomm display component.
Microsoft

OAuth redirection abuse enables phishing and malware delivery

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users from legitimate sign‑in pages to attacker‑controlled infrastructure.
SecurityWeek

Trend Micro Patches Critical Apex One Vulnerabilities

TrendAI announced patches for vulnerabilities found in the Windows and macOS versions of the Apex One endpoint security ...

Trend Micro warns of critical Apex One code execution flaws

Trend Micro has patched two critical Apex One vulnerabilities that allow attackers to gain remote code execution (RCE) on vulnerable Windows systems.
KeenGamer

Bungie Reveals Marathon’s Anti-Cheat and Security Details

Bungie reveals Marathon's full security plan: authoritative dedicated servers, server-side Fog of War against wall hacks, BattlEye integration, and an immediate permaban for any player caught cheating ...