Malwarebytes Intelligence Team is reporting the MSHTML vulnerability classified as CVE-2021-40444 has become the focus of threat actors targeting Russian government entities. Its researchers intercepted phishing email attachments revealing that attackers were trying to target Russian organizations.
The CVE-2021-40444 vulnerability involves ActiveX and is an old flaw, but it was discovered recently, and soon enough, threat actors started sharing its PoCs, tutorials, and exploits on hacking forum
