Russian CTRL toolkit spread via malicious LNK files in February 2026, routing C2 through FRP-tunneled RDP to evade detection.
DPRK-linked actors use GitHub C2 and LNK phishing in South Korea, enabling persistent PowerShell control and data ...
GitHub has been drawn into another cyber threat case after researchers uncovered a multi-stage malware campaign using ...
A series of malicious LNK files targeting users in South Korea has been detected using a multi-stage attack chain that uses ...
A sophisticated cyber-espionage operation is exploiting Windows shortcut files disguised alongside seemingly genuine PDF newsletters to surreptitiously infiltrate institutions across Asia and the ...
When Microsoft patched a vulnerability last summer that allowed threat actors to use Windows’ shortcut (.lnk) files in exploits, defenders might have hoped use of this tactic would decline. They were ...
Chinese state-sponsored threat actors have been abusing a Windows zero-day vulnerability to target diplomats across the European continent, security researchers are warning. Security researchers ...
Activity dubbed ‘Raspberry Robin’ uses Microsoft Standard Installer and other legitimate processes to communicate with threat actors and execute nefarious commands. Wormable malware dubbed Raspberry ...
A zero-day vulnerability in the display of LNK files in Windows became known at the end of August this year. Microsoft currently plans no fix and does not classify it as highly risky, unlike Trend ...