Forensic investigators use LNK shortcut files to recover metadata about recently accessed files, including files deleted after the time of access. In a recent investigation, FireEye Mandiant ...
DPRK-linked actors use GitHub C2 and LNK phishing in South Korea, enabling persistent PowerShell control and data ...
Russian CTRL toolkit spread via malicious LNK files in February 2026, routing C2 through FRP-tunneled RDP to evade detection.
Shortcuts (LNK files) in Windows are indicated by curved arrows. We often treat them as background noise and don't consider what they actually do beyond opening apps. In fact, there is a huge gap ...
North Korea's APT37 threat group is providing fresh evidence of how adversaries have pivoted to using LNK, or shortcut files, to distribute malicious payloads after Microsoft began blocking macros by ...
Barriers that Microsoft has placed to prevent malicious macros has forced some cybercriminals to use LNK files for malware delivery, but at the cost of easier detection. For years attackers have used ...
It's not particularly surprising, as that bit of code doesn't actually seem to contain the malware. It's shady as all fuck, but it depends on the existence of the .lnk file to actually do anything. If ...
Microsoft has quietly rolled out a partial mitigation for the high-severity Windows LNK vulnerability, CVE-2025-9491, which multiple state-sponsored groups and cybercrime gangs have been exploiting as ...
When Microsoft patched a vulnerability last summer that allowed threat actors to use Windows’ shortcut (.lnk) files in exploits, defenders might have hoped use of this tactic would decline. They were ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results