LNK
Microsoft: New Windows LNK spoofing issues aren’t vulnerabilities
Today, at Wild West Hackin’ Fest, security researcher Wietze Beukema disclosed multiple vulnerabilities in Windows LK shortcut files that allow attackers to deploy malicious payloads. Beukema documented four previously unknown techniques for manipulating Windows LNK shortcut files to hide malicious targets from users inspecting file properties. LNK shortcuts were introduced with Windows 95 and use a complex […]
Microsoft “mitigates” Windows LNK flaw exploited as zero-day
Microsoft has silently “mitigated” a high-severity Windows LNK vulnerability exploited by multiple state-backed and cybercrime hacking groups in zero-day attacks. Tracked as CVE-2025-9491, this security flaw allows attackers to hide malicious commands within Windows LNK files, which can be used to deploy malware and gain persistence on compromised devices. However, the attacks require user interaction to […]
Windows zero-day actively exploited to spy on European diplomats
A China-linked hacking group is exploiting a Windows zero-day in attacks targeting European diplomats in Hungary, Belgium, and other European nations. According to Arctic Wolf Labs, the attack chain begins with spearphishing emails that lead to the delivery of malicious LNK files themed around NATO defense procurement workshops, European Commission border facilitation meetings, and various […]
New Windows zero-day exploited by 11 state hacking groups since 2017
At least 11 state-backed hacking groups from North Korea, Iran, Russia, and China have been exploiting a new Windows vulnerability in data theft and cyber espionage zero-day attacks since 2017. However, as security researchers Peter Girnus and Aliakbar Zahravi with Trend Micro’s Zero Day Initiative (ZDI) reported today, Microsoft tagged it as “not meeting the […]