Forensic investigators use LNK shortcut files to recover metadata about recently accessed files, including files deleted after the time of access. In a recent investigation, FireEye Mandiant ...
APT28 exploited CVE-2026-21513, an MSHTML zero-day (CVSS 8.8), using malicious LNK files to bypass security controls and execute code.
Shortcuts (LNK files) in Windows are indicated by curved arrows. We often treat them as background noise and don't consider what they actually do beyond opening apps. In fact, there is a huge gap ...
Barriers that Microsoft has placed to prevent malicious macros have forced some cybercriminals to use LNK files for malware delivery, but at the cost of easier detection. For years attackers have used ...
North Korea's APT37 threat group is providing fresh evidence of how adversaries have pivoted to using LNK, or shortcut files, to distribute malicious payloads after Microsoft began blocking macros by ...
Windows users have been urged to practice caution. Microsoft warns Windows users of a cyberattack exploiting a longstanding LNK file vulnerability. The vulnerability, ZDI-CAN-25373, is being actively ...
North Korean hacking group APT37 was seen deploying new implants, backdoors, and other tools in attacks targeting air-gapped ...
In December 2025, Zscaler ThreatLabz discovered a campaign linked to APT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima), which is a DPRK-backed threat group. In this campaign ...