Global Group ransomware gang running new campaign using Windows shortcut files

Exploiting .lnk files is a strategy that has been used for years and still works, says new report from Forcepoint.
XDA Developers on MSN

I love Proxmox community scripts, but a single command executes 8 remote scripts as root

Do you know what your Proxmox server is actually running?

Windows shortcut files targeted by ransomware gang Global Group

When Microsoft patched a vulnerability last summer that allowed threat actors to use Windows’ shortcut (.lnk) files in ...
Microsoft

New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.
PCQuest

This New Windows Malware Hides in Plain Sight to Install Remcos RAT

It does not crash systems or raise alarms. It blends into everyday Windows activity and works quietly in the background. By the time it is noticed, control may already be lost. Security teams are ...