Microsoft issues unannounced patch for zero-day LNK vulnerability used in real-world attacks

Cybersecurity experts warn of a stealthy Microsoft patch addressing a long-exploited Windows LNK zero-day vulnerability, CVE-2025-9491, now mitigated in November 2025 updates. Threat actors, including ...
Bleeping Computer

Malicious Windows 'LNK' attacks made easy with new Quantum builder

Malware researchers have noticed a new tool that helps cybercriminals build malicious .LNK files to deliver payloads for the initial stages of an attack. LNKs are Windows shortcut files that can ...