Four new reasons why Windows LNK files cannot be trusted

By putting conflicting metadata in LNK files, a researcher found four new ways to spoof targets, hide arguments, and run unintended programs in Windows Explorer.

Windows shortcut files targeted by ransomware gang Global Group

When Microsoft patched a vulnerability last summer that allowed threat actors to use Windows’ shortcut (.lnk) files in ...

Microsoft: New Windows LNK spoofing issues aren't vulnerabilities

Today, at Wild West Hackin' Fest, security researcher Wietze Beukema disclosed multiple vulnerabilities in Windows LK ...
CSO Online

Windows shortcut weaponized in Phorpiex-linked ransomware campaign

Researchers revealed a Phorpiex-distributed phishing campaign using malicious LNK files to deploy Global Group ransomware ...
CSOonline

Windows shortcuts’ use as a vector for malware may be cut short

A third-party patch management company is cutting short attackers’ use of LNK files to smuggle in malicious commands, while Microsoft prefers to tell the whole story. A longstanding problem with the ...
Hosted on MSN

Windows 11 zero-day security vulnerability gets partial fix from Microsoft

Microsoft has quietly rolled out a partial mitigation for the high-severity Windows LNK vulnerability, CVE-2025-9491, which multiple state-sponsored groups and cybercrime gangs have been exploiting as ...
Arabian Post on MSN

Chollima hackers expand phishing with stealth LNK malware

A coordinated cyber-espionage campaign attributed to the Chollima advanced persistent threat group has drawn attention from security researchers after attackers used malicious Windows shortcut files ...