LNK File Archives • Daily CyberSecurity

APT37’s New “Python-in-a-Cat” Malware Uses Environment Variable Obfuscation APT37 Phishing Campaign Python Malware Obfuscation

APT37’s New “Python-in-a-Cat” Malware Uses Environment Variable Obfuscation

Ddos May 12, 2026

The Zero-Click Vulnerability: Akamai Uncovers Incomplete Patch for APT28 Exploit Zero-Click Exploitation LNK Authentication Coercion

The Zero-Click Vulnerability: Akamai Uncovers Incomplete Patch for APT28 Exploit

Ddos April 27, 2026

Don’t Click That Shortcut: Phorpiex Botnet Hides in “Your Document” Emails Phorpiex Botnet LNK Phishing

Don’t Click That Shortcut: Phorpiex Botnet Hides in “Your Document” Emails

Ddos February 16, 2026

FrostBeacon Hits Russian B2B: Cobalt Strike Deployed via LNK and Chained Legacy Exploits EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

FrostBeacon Hits Russian B2B: Cobalt Strike Deployed via LNK and Chained Legacy Exploits

Ddos December 10, 2025

Patchwork APT Deploys StreamSpy Trojan, Hiding C2 Commands in WebSocket Traffic for Stealth Espionage Patchwork StreamSpy, WebSocket C2

Patchwork APT Deploys StreamSpy Trojan, Hiding C2 Commands in WebSocket Traffic for Stealth Espionage

Ddos December 5, 2025

SEQRITE Labs Uncovers “CAPI Backdoor” Campaign Targeting Russia’s Automobile and E-Commerce Sectors CAPI Banking Trojan, LNK Persistence

SEQRITE Labs Uncovers “CAPI Backdoor” Campaign Targeting Russia’s Automobile and E-Commerce Sectors

Ddos October 20, 2025

Operation Silk Lure: Chinese Espionage Targets FinTech with Malicious Resume LNK to Implant ValleyRAT Operation Silk Lure, ValleyRAT LNK

Operation Silk Lure: Chinese Espionage Targets FinTech with Malicious Resume LNK to Implant ValleyRAT

Ddos October 17, 2025

Zero-Click NTLM Leak Returns: New LNK Bypass (PoC Available) Bypasses Patch, Exposing Credentials Zero-Click NTLM Credential Leak, LNK Bypass

Zero-Click NTLM Leak Returns: New LNK Bypass (PoC Available) Bypasses Patch, Exposing Credentials

Ddos October 17, 2025

Beyond Simple Scripts: A New XWorm Campaign Uses Multi-Stage Stealth Caminho LSB Steganography, Loader-as-a-Service 2023 Threat Report

Beyond Simple Scripts: A New XWorm Campaign Uses Multi-Stage Stealth

Ddos September 5, 2025

Beyond ClickFix: A New Attack Abuses Windows Search to Deliver MetaStealer ChaCha20 Cipher

Beyond ClickFix: A New Attack Abuses Windows Search to Deliver MetaStealer

Ddos September 2, 2025

GOLD BLADE Unleashes RedLoader with Novel Attack Chain: LNK Files + WebDAV + DLL Sideloading Evades Detection RedLoader, DLL Sideloading

GOLD BLADE Unleashes RedLoader with Novel Attack Chain: LNK Files + WebDAV + DLL Sideloading Evades Detection

Ddos July 31, 2025

Stealthy REMCOS Backdoor Delivered by LNK Files: Bypasses Antivirus with Multi-Stage PowerShell Attack

Ddos July 29, 2025

SERPENTINE#CLOUD: Stealthy Malware Campaign Leverages Cloudflare Tunnels for In-Memory RAT Delivery TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

SERPENTINE#CLOUD: Stealthy Malware Campaign Leverages Cloudflare Tunnels for In-Memory RAT Delivery

Ddos June 20, 2025

Critical Alert 1 Active Exploit Detected Today