Russian Cybercrime Groups Exploiting 7-Zip Flaw to Bypass Windows MotW Protections

A recently patched security vulnerability in the 7-Zip archiver tool was exploited in the wild to deliver the SmokeLoader malware. The flaw, CVE-2025-0411 (CVSS score: 7.0), allows remote attackers to circumvent mark-of-the-web (MotW) protections and execute arbitrary code in the context of the current user. It was addressed by 7-Zip in November 2024 with version 24.09. "The vulnerability was

Posted from: Click here for the full article.

留言

此網誌的熱門文章

Microsoft Expands Free Logging Capabilities for all U.S. Federal Agencies

New Atomic macOS Stealer Campaign Exploits ClickFix to Target Apple Users

New Chrome Vulnerability Enables Cross-Origin Data Leak via Loader Referrer Policy