Hackers Actively Exploiting 7-Zip Symbolic Link–Based RCE Vulnerability (CVE-2025-11001)

Updated on November 19, 2025

A recently disclosed security flaw impacting 7-Zip has come under active exploitation in the wild, according to an advisory issued by the U.K. NHS England Digital on Tuesday.
The vulnerability in question is CVE-2025-11001 (CVSS score: 7.0), which allows remote attackers to execute arbitrary code. It has been addressed in 7-Zip version 25.00 released in July 2025.
“The specific flaw exists…

Read the rest of the story at Read More

Source: The Hacker News

January 24, 2025 Uncategorized

DoJ Indicts 5 Individuals for $866K Nort...

September 3, 2024 Uncategorized

New Flaws in Microsoft macOS Apps Could ...

October 28, 2025 Uncategorized

Hackers Actively Exploiting 7-Zip Symbolic Link–Based RCE Vulnerability (CVE-2025-11001)

Related posts

DoJ Indicts 5 Individuals for $866K Nort...

New Flaws in Microsoft macOS Apps Could ...

New TEE.Fail Side-Channel Attack Extract...

Leave a Comment Cancel reply

Recent News

CTM360 Exposes a Global WhatsApp Hijacking Campaign: HackOnChat

New Sturnus Android Trojan Quietly Captures Encrypted Chats and Hijacks Devices

Iran-Linked Hackers Mapped Ship AIS Data Days Before Real-World Missile Strike Attempt

TamperedChef Malware Spreads via Fake Software Installers in Ongoing Global Campaign

Hackers Actively Exploiting 7-Zip Symbolic Link–Based RCE Vulnerability (CVE-2025-11001)

Python-Based WhatsApp Worm Spreads Eternidade Stealer Across Brazilian Devices

WrtHug Exploits Six ASUS WRT Flaws to Hijack Tens of Thousands of EoL Routers Worldwide

Application Containment: How to Use Ringfencing to Prevent the Weaponization of Trusted Software

EdgeStepper Implant Reroutes DNS Queries to Deploy Malware via Hijacked Software Updates

ServiceNow AI Agents Can Be Tricked Into Acting Against Each Other via Second-Order Prompts