Microsoft's patch for a 0-day exploited by Russian spies fell short. Another Windows flaw is under attack

Microsoft and the US Cybersecurity and Infrastructure Security Agency (CISA) warned that attackers are exploiting a ...
The Hacker News

Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202

CVE-2026-32202 actively exploited after April 27 advisory fix, exposing NTLMv2 hashes via zero-click SMB authentication.

Incomplete fix for Fancy Bear exploit opens zero-click hole in Windows

Microsoft's partial patching in February 2026 of a zero-day vulnerability abused by Russian state-sponsored threat group ...
SecurityWeek

Incomplete Windows Patch Opens Door to Zero-Click Attacks

Incomplete patch for a Windows SmartScreen and Windows Shell security prompts bypass created a new bug enabling zero-click ...
Hosted on MSN

State sponsored hackers have been exploiting this LNK vulnerability for years - and it has only just been patched by Microsoft

Microsoft’s November 2025 Patch Tuesday fixed 63 flaws, including CVE-2025-9491 in Windows LNK files The bug let attackers hide malicious commands in shortcut files, enabling RCE attacks Exploited ...
Forbes

Microsoft Windows Cyberattack Warning — Do Not Open These Files

Beware these dangerous Windows LNK files. Update, June 9, 2025: This story, originally published on June 8, has been updated with a statement from Microsoft regarding the latest ongoing cyberattacks ...
Bleeping Computer

As Microsoft blocks Office macros, hackers find new attack vectors

We have reported on the use of LNK files by Emotet, Qbot, and IcedID, in all cases masquerading as a Word document to trick the recipient into opening it. However, these link files can be used to ...
Bleeping Computer

Emotet malware now installs via PowerShell in Windows shortcut files

The Emotet botnet is now using Windows shortcut files (.LNK) containing PowerShell commands to infect victims computers, moving away from Microsoft Office macros that are now disabled by default. The ...