A newly identified vulnerability, ZDI-CAN-25373, affecting Windows Shell Link (.lnk) files, has been exploited since 2017 by 11 state-backed threat groups from North Korea, Iran, Russia and China, primarily for cyber-espionage and data theft. Microsoft reportedly refused to issue a security patch, despite the high risk. Almost half of the linked attacks originated from North Korea. The sectors most at risk include government, private enterprises, financial institutions and defence.

Red Canary warns of surge in identity & AI threats for 2025
Red Canary’s 2025 Threat Detection Report reveals a four-fold rise in identity attacks over 2024, reflecting an increase in cloud-native and identity-targeted methods. Other emerging