Philippe Lagadec

@decalage
Author of open-source projects oletools, olefile, ViperMonkey, ExeFilter, Balbuzard. Posting about #DFIR, #malware analysis, maldocs, file formats and #Python.
https://linktr.ee/decalage
Website: https://www.decalage.info
Github: https://github.com/decalage2
Twitter: https://twitter.com/decalage2
Twittodon: https://twittodon.com/share.php?t=decalage2&[email protected]

Yet another LNK flaw allows for target spoofing, yet executes any DLL, including remote via WebDAV. Even worse, unless you installed the Feb 2026 updates, MotW will be ignored.

Next to updating, your best defence is to look for RunDLL32 + Shell32 + Control_RunDLL executions with non-standard targets. After all, most users click accept on those MotW prompts.

See how this works on https://github.com/wietze/lnk-it-up

New blog: Using LLMs the right way for malware analysis

💡Tips for building an autonomous AI analysis lab on a 12 yo laptop and getting stuff done faster without loss of accuracy.

https://blog.gdatasoftware.com/2026/03/38381-llm-malware-analysis

That one XKCD thing, now interactive.

This is so much fun... Craig S. Kaplan: In my online undergraduate P5.js course, students are about to begin the module on motion and physics, including a bit of physics simulation using Matter.js. It suddenly...
https://jwz.org/b/yk4B

Here's my CVE-2026-20841 PoC.

(Not really, but I have a feeling it's something that rhymes with this)


How can we detect malicious documents exploiting CVE-2026-21509, the recent 0-day vulnerability in MS Office?
=> I designed a YARA rule for this, which detects all the malicious files that have been reported.
I also improved oletools to analyze those files and see the suspicious URLs.
You can find the YARA rule and all the explanations about that vulnerability on my website https://decalage.info/CVE-2026-21509/
A Look Back at 30 Years of Development of ReactOS, a free and open-source Operating System to run Windows software #OSS #ReactOS https://reactos.org/blogs/30yrs-of-ros/

🦔 📹 New Video: Can office files be malicious without Macros?

➡️ VSTO Add-Ins
➡️ External Templates
➡️ Checklist for Office analysis
#MalwareAnalysisForHedgehogs
https://www.youtube.com/watch?v=RtHHckH5IsI

oss-sec: GNU InetUtils Security Advisory: remote authentication by-pass in telnetd https://seclists.org/oss-sec/2026/q1/89

As we approach the end of the year, we have a small gift for everyone.

We ran a series of Rust training sessions as an introduction to the Rust programming language, and we recorded them. The videos, along with the training materials, are now available online.

Thanks to Quentin Jerome and all the participants for their contributions.

📽️ https://www.youtube.com/playlist?list=PLhSWiKucshm5vWvFCqtJePVVYgIXH6_6y
🔗 https://github.com/ngsoti/rust-training

#rust #rusttraining #programming #cybersecurity #opensource #training
