Information security
fromArs Technica
2 days agoTwo Windows vulnerabilities, one a 0-day, are under active exploitation
A long-running Windows Shortcut zero-day (CVE-2025-9491) and another critical flaw are actively exploited worldwide to deploy PlugX and other post-exploitation payloads.