Malicious Windows Shortcuts Use PowerShell and Node.js to Enable Remote Code Execution
A malicious Windows shortcut is being used to turn a routine download into a full remote-code-execution foothold. The campaign begins with convincing booking-themed spam and steers victims toward a ZIP archive that conceals a booby-trapped LNK file. One click can quietly start a chain that installs...