Homeland Security Today

The Missing LNK — Correlating User Search LNK Files

Forensic investigators use LNK shortcut files to recover metadata about recently accessed files, including files deleted after the time of access. In a recent investigation, FireEye Mandiant ...
SecurityWeek

North Korean APT Targets Air-Gapped Systems in Recent Campaign

North Korean hacking group APT37 was seen deploying new implants, backdoors, and other tools in attacks targeting air-gapped ...
Hosted on MSN

This tiny Windows shortcut file is a bigger security threat than you think

Shortcuts (LNK files) in Windows are indicated by curved arrows. We often treat them as background noise and don't consider what they actually do beyond opening apps. In fact, there is a huge gap ...
CSOonline

Four new reasons why Windows LNK files cannot be trusted

The number of ways that Windows shortcut (.LNK) files can be abused just keeps growing: A cybersecurity researcher has documented four new techniques to trick Windows users into running malicious ...
Yahoo

Chinese hackers target European diplomats with Windows zero-day flaw

Chinese state-sponsored threat actors have been abusing a Windows zero-day vulnerability to target diplomats across the European continent, security researchers are warning. Security researchers ...
Computerworld

Windows shortcut files targeted by ransomware gang Global Group

When Microsoft patched a vulnerability last summer that allowed threat actors to use Windows’ shortcut (.lnk) files in exploits, defenders might have hoped use of this tactic would decline. They were ...
Security Boulevard

APT37 Adds New Capabilities for Air-Gapped Networks

IntroductionIn December 2025, Zscaler ThreatLabz discovered a campaign linked to APT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima), which is a DPRK-backed threat group. In this campaign ...