SecurityWeek

Incomplete Windows Patch Opens Door to Zero-Click Attacks

Incomplete patch for a Windows SmartScreen and Windows Shell security prompts bypass created a new bug enabling zero-click ...
Computerworld

Critical Windows vuln. in .LNK files = Stuxnet (and IE IV)

Eeek! All versions of Microsoft Windows have a nasty shortcut-file vulnerability, it has emerged. Simply displaying the icon of a crafty .LNK file will cause malware infection. The Stuxnet worm has ...

Incomplete fix for Fancy Bear exploit opens zero-click hole in Windows

Microsoft's partial patching in February 2026 of a zero-day vulnerability abused by Russian state-sponsored threat group ...
Computerworld

Windows shortcut files targeted by ransomware gang Global Group

When Microsoft patched a vulnerability last summer that allowed threat actors to use Windows’ shortcut (.lnk) files in exploits, defenders might have hoped use of this tactic would decline. They were ...
Dark Reading

North Korean APT Gets Around Macro-Blocking With LNK Switch-Up

North Korea's APT37 threat group is providing fresh evidence of how adversaries have pivoted to using LNK, or shortcut files, to distribute malicious payloads after Microsoft began blocking macros by ...
CSOonline

Chinese hackers target Western diplomats using hard-to-patch Windows shortcut flaw

Chinese hackers have been spotted targeting European diplomats using a longstanding Windows shortcut vulnerability that’s been popular with threat groups as far back as 2017. According to security ...