North Korea-linked Ricochet Chollima hackers launched a targeted spear-phishing attack in March 2025 against activists monitoring the regime. Dubbed “Operation: ToyBox Story” by Genians Security Center (GSC), the campaign weaponized malicious LNK shortcut files hidden in Dropbox archives. Posing as a South Korean national security expert, the APT group tricked victims with emails mimicking invitations […] The post Chollima Hackers Abuse LNK Files In Sophisticated Malware Campaign appeared first on Cyber Security News.