11 State-Sponsored APTs Exploiting LNK Files for Espionage, Data Theft - SecurityWeek

Trend Micro’s Zero Day Initiative (ZDI) discovered nearly 1,000 malicious LNK files used by state-sponsored threat groups and cybercriminals for espionage and data theft. The files, disguised as harmless documents, exploit a Windows UI misrepresentation issue to execute hidden commands. ZDI recommends immediate scanning and security mitigations for this vulnerability, tracked as ZDI-CAN-25373.