Bleeping Computer

Microsoft: New Windows LNK spoofing issues aren't vulnerabilities

Today, at Wild West Hackin' Fest, security researcher Wietze Beukema disclosed multiple vulnerabilities in Windows LK shortcut files that allow attackers to deploy malicious payloads. Beukema ...
Forbes

Microsoft Windows Cyberattack Warning — Do Not Open These Files

Beware these dangerous Windows LNK files. Update, June 9, 2025: This story, originally published on June 8, has been updated with a statement from Microsoft regarding the latest ongoing cyberattacks ...
Hosted on MSN

Microsoft quietly shuts down Windows shortcut flaw after years of espionage abuse

Microsoft has quietly closed off a critical Windows shortcut file bug long abused by espionage and cybercrime networks.… The flaw, tracked as CVE-2025-9491, allows malicious .lnk shortcut files to ...
Bleeping Computer

Emotet malware now installs via PowerShell in Windows shortcut files

The Emotet botnet is now using Windows shortcut files (.LNK) containing PowerShell commands to infect victims computers, moving away from Microsoft Office macros that are now disabled by default. The ...
Hosted on MSN

Microsoft issues unannounced patch for zero-day LNK vulnerability used in real-world attacks

Cybersecurity experts warn of a stealthy Microsoft patch addressing a long-exploited Windows LNK zero-day vulnerability, CVE-2025-9491, now mitigated in November 2025 updates. Threat actors, including ...
Computerworld

Windows shortcut files targeted by ransomware gang Global Group

When Microsoft patched a vulnerability last summer that allowed threat actors to use Windows’ shortcut (.lnk) files in exploits, defenders might have hoped use of this tactic would decline. They were ...