From b513e0452e78492c3dd8f21424cb35c6156a7c13 Mon Sep 17 00:00:00 2001
From: Update third-party rules
 <41898282+github-actions[bot]@users.noreply.github.com>
Date: Sat, 19 Jul 2025 00:26:16 +0000
Subject: [PATCH] Update third-party rules as of 2025-07-19

---
 third_party/yara/bartblaze/RELEASE                 | 2 +-
 third_party/yara/bartblaze/generic/LNK_Ruleset.yar | 2 +-
 third_party/yara/huntress/RELEASE                  | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/third_party/yara/bartblaze/RELEASE b/third_party/yara/bartblaze/RELEASE
index a8f2d1e06..bc45860e1 100644
--- a/third_party/yara/bartblaze/RELEASE
+++ b/third_party/yara/bartblaze/RELEASE
@@ -1 +1 @@
-ba3ddbee7e21605de6d03433943e4232637c6fa3
+255135e922b571965ab942554fcd7b9b6162f091
diff --git a/third_party/yara/bartblaze/generic/LNK_Ruleset.yar b/third_party/yara/bartblaze/generic/LNK_Ruleset.yar
index 92716c812..5abe877ee 100644
--- a/third_party/yara/bartblaze/generic/LNK_Ruleset.yar
+++ b/third_party/yara/bartblaze/generic/LNK_Ruleset.yar
@@ -289,7 +289,7 @@ rule PDF_in_LNK
         sharing = "TLP:WHITE"
         source = "BARTBLAZE"
         author = "@bartblaze"
-        description = "Identifies Adobe Acrobat artefacts in shortcut (LNK) files."
+        description = "Identifies Adobe Acrobat artefacts in shortcut (LNK) files. A PDF document is typically used as decoy in a malicious LNK."
         category = "INFO"
 
     strings:
diff --git a/third_party/yara/huntress/RELEASE b/third_party/yara/huntress/RELEASE
index 9d5b0e50f..51c47513f 100644
--- a/third_party/yara/huntress/RELEASE
+++ b/third_party/yara/huntress/RELEASE
@@ -1 +1 @@
-9ca8c8cb06e02b2b6d2a70910ef83b4e43217af3
+f0134eeb506fc58a7b9de827e2c869e336abf45e