Security News > 2025 > February > Week in review: Exploited 7-Zip 0-day flaw, crypto-stealing malware found on App Store, Google Play
2025-02-09 09:00
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Russian cybercrooks exploiting 7-Zip zero-day vulnerability (CVE-2025-0411) CVE-2025-0411, a Mark-of-the-Web bypass vulnerability in the open-source archiver tool 7-Zip that was fixed in November 2024, has been exploited in zero-day attacks to deliver malware to Ukrainian entities, Trend Micro researchers have revealed. Crypto-stealing iOS, Android malware found on App Store, Google Play A number of iOS and Android apps on Apple’s … More → The post Week in review: Exploited 7-Zip 0-day flaw, crypto-stealing malware found on App Store, Google Play appeared first on Help Net Security.
News URL
Related news
- New North Korean Android spyware slips onto Google Play (source)
- Microsoft: New RAT malware used for crypto theft, reconnaissance (source)
- Malicious Android 'Vapor' apps on Google Play installed 60 million times (source)
- New Crocodilus malware steals Android users’ crypto wallet keys (source)
- Crypto Developers Targeted by Python Malware Disguised as Coding Challenges (source)
- Node.js Malware Campaign Targets Crypto Users with Fake Binance and TradingView Installers (source)
- Docker Malware Exploits Teneo Web3 Node to Earn Crypto via Fake Heartbeat Signals (source)
- North Korean Hackers Spread Malware via Fake Crypto Firms and Job Interview Lures (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-01-25 | CVE-2025-0411 | Unspecified vulnerability in 7-Zip 7-Zip Mark-of-the-Web Bypass Vulnerability. | 7.0 |