#cve-2025-9491

[ follow ]
#state-sponsored-exploitation #plugx #windows #shortcut-vulnerability #windows-lnk-shortcut #espionage
Information security
fromTechRepublic
1 week ago

Microsoft Silently Fixes 8-Year Windows Security Flaw - TechRepublic

A long-standing Windows .LNK vulnerability (CVE-2025-9491) allowed hidden malicious commands and was exploited by multiple state-backed groups for nearly eight years.
fromTheregister
1 week ago

Microsoft fixes Windows shortcut flaw exploited for years

Researchers at Trend Micro said in March that nearly a thousand malicious .lnk samples dating back to 2017 exploited this weakness across a mix of state-sponsored and cybercriminal campaigns worldwide. "Our analysis revealed that 11 state-sponsored groups from North Korea, Iran, Russia, and China have employed ZDI-CAN-25373 in operations primarily motivated by cyber espionage and data theft," it said at the time.
Information security
Information security
fromThe Hacker News
1 week ago

Microsoft Silently Patches Windows LNK Flaw After Years of Active Exploitation

Microsoft patched CVE-2025-9491, a Windows .LNK UI misinterpretation vulnerability enabling remote code execution via crafted shortcut files.
Information security
fromThe Hacker News
1 month ago

China-Linked Hackers Exploit Windows Shortcut Flaw to Target European Diplomats

China-linked UNC6384 used spear-phishing and an unpatched Windows shortcut vulnerability (CVE-2025-9491) to deploy PlugX against European diplomatic and government targets.
Information security
fromArs Technica
1 month ago

Two Windows vulnerabilities, one a 0-day, are under active exploitation

A long-running Windows Shortcut zero-day (CVE-2025-9491) and another critical flaw are actively exploited worldwide to deploy PlugX and other post-exploitation payloads.
[ Load more ]