Technoholic.me
Cybersecurity alert: A Russian-linked remote access toolkit, CTRL, spreads via malicious Windows LNK files disguised as private key folders. It enables phishing, keylogging, RDP hijacking, and tunneling. https://thehackernews.com/2026/03/russian-ctrl-toolkit-delivered-via.html
Russian CTRL Toolkit Delivered via Malicious LNK Files Hijacks RDP via FRP Tunnels

Russian CTRL toolkit spread via malicious LNK files in February 2026, routing C2 through FRP-tunneled RDP to evade detection.

The Hacker News
Apr 2 at 11:28amradaar