Russian Cybercrime Groups Exploiting 7-Zip Flaw to Bypass Windows MotW Protections

Updated on February 4, 2025

A recently patched security vulnerability in the 7-Zip archiver tool was exploited in the wild to deliver the SmokeLoader malware.
The flaw, CVE-2025-0411 (CVSS score: 7.0), allows remote attackers to circumvent mark-of-the-web (MotW) protections and execute arbitrary code in the context of the current user. It was addressed by 7-Zip in November 2024 with version 24.09.
“The vulnerability was…

Read the rest of the story at Read More

Source: The Hacker News

August 1, 2024 Uncategorized

Over 1 Million Domains at Risk of ‘...

December 24, 2023 Uncategorized

British LAPSUS$ Teen Members Sentenced f...

October 17, 2024 Uncategorized

Russian Cybercrime Groups Exploiting 7-Zip Flaw to Bypass Windows MotW Protections

Related posts

Over 1 Million Domains at Risk of ‘...

British LAPSUS$ Teen Members Sentenced f...

Russian RomCom Attacks Target Ukrainian ...

Leave a Comment Cancel reply

Recent News

Wormable AirPlay Flaws Enable Zero-Click RCE on Apple Devices via Public Wi-Fi

Commvault CVE-2025-34028 Added to CISA KEV After Active Exploitation Confirmed

⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors

Perfection is a Myth. Leverage Isn’t: How Small Teams Can Secure Their Google Workspace

Golden Chickens Deploy TerraStealerV2 to Steal Browser Credentials and Crypto Wallet Data

Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack

Iranian Hackers Maintain 2-Year Access to Middle East CNI via VPN Flaws and Malware

U.S. Charges Yemeni Hacker Behind Black Kingdom Ransomware Targeting 1,500 Systems

TikTok Slammed With €530 Million GDPR Fine for Sending E.U. Data to China

How to Automate CVE and Vulnerability Advisory Response with Tines