Bleeping Computer

Microsoft: New Windows LNK spoofing issues aren't vulnerabilities

Today, at Wild West Hackin' Fest, security researcher Wietze Beukema disclosed multiple vulnerabilities in Windows LK shortcut files that allow attackers to deploy malicious payloads. Beukema ...
Hosted on MSN

State sponsored hackers have been exploiting this LNK vulnerability for years - and it has only just been patched by Microsoft

Microsoft’s November 2025 Patch Tuesday fixed 63 flaws, including CVE-2025-9491 in Windows LNK files The bug let attackers hide malicious commands in shortcut files, enabling RCE attacks Exploited ...
Hosted on MSN

Microsoft issues unannounced patch for zero-day LNK vulnerability used in real-world attacks

Cybersecurity experts warn of a stealthy Microsoft patch addressing a long-exploited Windows LNK zero-day vulnerability, CVE-2025-9491, now mitigated in November 2025 updates. Threat actors, including ...
Dark Reading

North Korean APT Gets Around Macro-Blocking With LNK Switch-Up

North Korea's APT37 threat group is providing fresh evidence of how adversaries have pivoted to using LNK, or shortcut files, to distribute malicious payloads after Microsoft began blocking macros by ...