In this episode, we break down the stealthy, high-impact exploit behind CVE-2025-33053, a zero-day vulnerability abused by the APT group Stealth Falcon using nothing more than a weaponized URL. You’ll learn how a simple .url file exploited legacy WebDAV functionality in Windows to drop malware, evade detection, and inject custom spyware into browser processes. We walk through the infection chain, the geopolitical targets, and the cutting-edge obfuscation tactics that made this attack so effective. Plus, we explore how Vicarius responded with detection and mitigation scripts to stop exploitation in real time. If you want to understand how forgotten protocols and trusted tools can be turned against you, and what to do about it, this episode is a must-listen.