Cybersecurity researchers have discovered a remote access toolkit of Russian-origin that's distributed via malicious Windows shortcut (LNK) files that are disguised as private key folders. The CTRL ...

The number of ways that Windows shortcut (.LNK) files can be abused just keeps growing: A cybersecurity researcher has documented four new techniques to trick Windows users into running malicious ...

Today, at Wild West Hackin' Fest, security researcher Wietze Beukema disclosed multiple vulnerabilities in Windows LK shortcut files that allow attackers to deploy malicious payloads. Beukema ...

When Microsoft patched a vulnerability last summer that allowed threat actors to use Windows’ shortcut (.lnk) files in exploits, defenders might have hoped use of this tactic would decline. They were ...

It’s been a while since the new version of Outlook overtook the old classic version, but users are still unhappy with it. The latest issue? Certain Excel attachments aren’t opening in Outlook anymore, ...

Microsoft has silently "mitigated" a high-severity Windows LNK vulnerability exploited by multiple state-backed and cybercrime hacking groups in zero-day attacks. Tracked as CVE-2025-9491, this ...

Microsoft has silently mitigated an exploited LNK vulnerability with its November 2025 security updates, Acros Security says. Tracked as CVE-2025-9491 (CVSS score of 7.0), the security defect allowed ...

Microsoft has started looking into a problem that is preventing users from opening some Excel file attachments with non-ASCII file names in the new Outlook client for ...

Year after year, LNK files are exploited in malware attacks, mainly because a core vulnerability hides malicious content from users. Microsoft has not yet fixed the flaw, so we must be cautious when ...