CVE-2025-0411, a Mark-of-the-Web bypass vulnerability in the open-source archiver tool 7-Zip that was fixed in November 2024, has been exploited in zero-day attacks to deliver malware to Ukrainian entities, Trend Micro researchers have revealed. The 7-Zip vulnerability (CVE-2025-0411) Mark-of-the-Web (MotW) is a zone identifier used by the Windows operating system to flag files downloaded from the internet as potentially harmful. “CVE-2025-0411 allows threat actors to bypass Windows MoTW protections by double archiving contents using 7-Zip. … More
The post Russian cybercrooks exploiting 7-Zip zero-day vulnerability (CVE-2025-0411) appeared first on Help Net Security.
