Russian cybercrooks exploiting 7-Zip zero-day vulnerability (CVE-2025-0411)
CVE-2025-0411, a Mark-of-the-Web bypass vulnerability in the open-source archiver tool 7-Zip that was fixed in November 2024, has been exploited in zero-day attacks to deliver malware to Ukrainian entities, Trend Micro researchers have revealed.

The 7-Zip vulnerability (CVE-2025-0411)

Mark-of-the-Web (MotW) is a zone identifier used by the Windows operating system to flag files downloaded from the internet as potentially harmful. “CVE-2025-0411 allows threat actors to bypass Windows MoTW protections by double archiving contents using 7-Zip. …

The post Russian cybercrooks exploiting 7-Zip zero-day vulnerability (CVE-2025-0411) appeared first on Help Net Security.
Related news
- Apple zero-day vulnerability exploited to target iPhone users (CVE-2025-24085) (source)
- BeyondTrust fixes critical vulnerability in remote access, support solutions (CVE-2024-12356) (source)
- Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks (source)
- Ivanti Connect Secure zero-day exploited by attackers (CVE-2025-0282) (source)
- Ivanti Connect Secure zero-day exploited since mid-December (CVE-2025-0282) (source)
- Zero-Day Vulnerability in Ivanti VPN (source)
- Microsoft Uncovers macOS Vulnerability CVE-2024-44243 Allowing Rootkit Installation (source)
- Fortinet fixes FortiOS zero-day exploited by attackers for months (CVE-2024-55591) (source)
- New UEFI Secure Boot bypass vulnerability discovered (CVE-2024-7344) (source)
- SonicWall SMA appliances exploited in zero-day attacks (CVE-2025-23006) (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2025-01-25 | CVE-2025-0411 | 7-Zip Mark-of-the-Web Bypass Vulnerability. | 0.0 |