Category: APT37

.lnk, Analytics & Intelligence, APT37, APT43, BitterAPT, china espionage, CWE-451, Cybersecurity, Cybersecurity zero-day flaw, Data Security, Earth Anansi, Earth Imp, Earth Kumiho, Earth Manticore, Endpoint, Evil Corp, Exploits, Featured, Global Security News, Governance, Risk & Compliance, Humor, Incident Response, Industry Spotlight, InkySquid, Iranian hackers, kimsuky, Kimsuky hacking group, Konni, LNK file malware, LNKFiles, malicious LNK files, malware, Microsoft, Microsoft Windows Zero Day, Most Read This Week, News, North Korean cyber espionage, Popular Post, russia hacker, SB Blogwatch, ScarCruft, Security Awareness, Security Boulevard (Original), Social - Facebook, Social - LinkedIn, Social - X, Social Engineering, Spotlight, Threat Intelligence, Threats & Breaches, vulnerabilities, Windows, ZDI-CAN-25373, zero day, Zero Day Attacks, zero day exploit attack, Zero Day Initiative, Zero Day Initiative (ZDI), zero-day attack, Zero-Day Bug

Microsoft Won’t Fix This Bad Zero Day (Despite Wide Abuse)

March 20, 2025

Satya says NO: Redmond blames Windows users, rather than solve 30-year-old bug—exploited since 2017. The post Microsoft Won’t Fix This Bad Zero Day (Despite Wide Abuse) appeared first on Security Boulevard.

Nation-state groups hit hundreds of organizations with Microsoft Windows zero-day

March 20, 2025

Cybercriminals working on behalf of at least six nation-states are actively exploiting a zero-day vulnerability in Microsoft Windows to commit espionage, steal data and cryptocurrency, according to Trend Micro researchers. The vulnerability, which Trend Micro tracks as ZDI-CAN-25373, allows attackers to execute hidden malicious commands due to the way Windows displays the contents of shortcut…