: NIST notes that this specific vulnerability can bypass the "Mark-of-the-Web" protection mechanism, which typically warns users when opening files downloaded from the internet.
: The vulnerability was used to deploy the SmokeLoader malware, which functions as a loader for further cyberespionage tools.
On February 4, 2025, researchers at Trend Micro published a blog post detailing how Russian-linked threat actors exploited a zero-day vulnerability in 7-Zip, identified as .
: Attackers used compromised email accounts to send malicious archives. These attacks relied on homoglyphs, where visually similar characters are used to deceive users into opening malicious files.
: The campaign primarily targeted governmental and civilian organizations in Ukraine as part of the Russo-Ukrainian conflict.
While there is no single "official" blog post titled exactly "0NB.7z," recent threat intelligence reports and security blog posts from early 2025 detail a critical exploitation involving archives and a zero-day vulnerability.

Security Vulnerability: CVE-2025-0411
Other security-focused blog posts have explored the broader risks associated with archiving tools: