Forensic investigators use LNK shortcut files to recover metadata about recently accessed files, including files deleted after the time of access. In a recent investigation, FireEye Mandiant ...
Shortcuts (LNK files) in Windows are indicated by curved arrows. We often treat them as background noise and don't consider what they actually do beyond opening apps. In fact, there is a huge gap ...
By putting conflicting metadata in LNK files, a researcher found four new ways to spoof targets, hide arguments, and run unintended programs in Windows Explorer.
A third-party patch management company is cutting short attackers’ use of LNK files to smuggle in malicious commands, while Microsoft prefers to tell the whole story. A longstanding problem with the ...
Microsoft has quietly closed off a critical Windows shortcut file bug long abused by espionage and cybercrime networks.… The flaw, tracked as CVE-2025-9491, allows malicious .lnk shortcut files to ...
When Microsoft patched a vulnerability last summer that allowed threat actors to use Windows’ shortcut (.lnk) files in exploits, defenders might have hoped use of this tactic would decline. They were ...
IntroductionIn December 2025, Zscaler ThreatLabz discovered a campaign linked to APT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima), which is a DPRK-backed threat group. In this campaign ...
CRESCENTHARVEST uses protest lures and malicious LNK files to deploy RAT malware targeting Iran protest supporters for espionage and data theft.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results