On the evening of July 18, 2025, active and large-scale exploitation of a newly discovered SharePoint remote code execution (RCE) vulnerability chain—dubbed “ToolShell“—was observed in the wild. Initially demonstrated just days earlier on X, the exploit is being used to compromise on-premises SharePoint servers worldwide. The vulnerability chain, detailed in this blog, was later assigned […]

Windows Shortcut files — commonly known as LNK files — are a core part of the Windows ecosystem. They allow users to create convenient links to files, folders, or applications without duplicating the original. You’ve probably used them on your desktop to quickly launch software or access frequently used directories. LNK File Structure (Simplified) A typical LNK file contains: […]

In today’s rapidly evolving cyber threat landscape, information stealers — or “infostealers” — have become a pervasive and escalating threat. These stealthy malware variants are specifically engineered to harvest sensitive data from compromised systems, including credentials, financial information, and personal identifiers, and exfiltrate it to remote attackers for exploitation. Both individuals and organizations are increasingly […]