Hackers Exploiting 7-Zip Zero-Day Vulnerability to Deploy SmokeLoader Malware 

Hackers are exploiting a zero-day vulnerability in 7-Zip to deploy SmokeLoader malware, particularly targeting Ukrainian entities. The vulnerability, CVE-2025-0411, allows attackers to bypass Windows’ Mark-of-the-Web security mechanism by crafting malicious archives that evade security warnings. Organizations should update to 7-Zip version 24.09 or later, implement robust email filtering, and educate employees to mitigate this threat.