Windows Shortcut Zero-Day (ZDI-CAN-25373) Exploited by State-Backed Threat Actors Since 2017: Overview of Key Details - SOCRadar® Cyber Intelligence Inc.

A sophisticated zero-day vulnerability, ZDI-CAN-25373, has been exploited by state-backed threat actors since 2017. The flaw affects Windows shortcut (.lnk) files and allows attackers to execute malicious commands undetected, leading to cyber espionage and data theft. Despite Microsoft’s inaction, organizations must implement security measures to mitigate the risk, including monitoring .lnk file usage, implementing endpoint protection, and conducting network monitoring.
