Four new reasons why Windows LNK files cannot be trusted

By putting conflicting metadata in LNK files, a researcher found four new ways to spoof targets, hide arguments, and run unintended programs in Windows Explorer.
The Hacker News

CRESCENTHARVEST Campaign Targets Iran Protest Supporters With RAT Malware

CRESCENTHARVEST uses protest lures and malicious LNK files to deploy RAT malware targeting Iran protest supporters for espionage and data theft.

Exploit available for new Chrome zero-day vulnerability, says Google

Threat actors now have the ability to exploit a new zero-day vulnerability in the Chrome browser, Google has advised IT ...
The Hacker News

Microsoft Discloses DNS-Based ClickFix Attack Using Nslookup for Malware Staging

Microsoft details a new ClickFix variant abusing DNS nslookup commands to stage malware, enabling stealthy payload delivery and RAT deployment.
CSO Online

Researchers unearth 30-year-old vulnerability in libpng library

The widely used open-source library has been patched to defend against a heap buffer overflow flaw that’s been in the code since its inception.