Nation-state groups hit hundreds of organizations with Microsoft Windows zero-day
Posted: Fri Mar 21, 2025 3:00 am
Cybercriminals working on behalf of at least six nation-states are actively exploiting a zero-day vulnerability in Microsoft Windows to commit espionage, steal data and cryptocurrency, according to Trend Micro researchers.
The vulnerability, which Trend Micro tracks as ZDI-CAN-25373, allows attackers to execute hidden malicious commands due to the way Windows displays the contents of shortcut .lnk files, also known as shell link files, researchers said in a report released Tuesday. A CVE has not been assigned to the vulnerability and Microsoft hasn’t made any commitments to patch or remediate the issue.
[...]
Nation-state groups hit hundreds of organizations with Microsoft Windows zero-day
The vulnerability, which Trend Micro tracks as ZDI-CAN-25373, allows attackers to execute hidden malicious commands due to the way Windows displays the contents of shortcut .lnk files, also known as shell link files, researchers said in a report released Tuesday. A CVE has not been assigned to the vulnerability and Microsoft hasn’t made any commitments to patch or remediate the issue.
[...]
Nation-state groups hit hundreds of organizations with Microsoft Windows zero-day