Hackers are targeting Windows machines using the ZIP file concatenation technique to deliver malicious payloads in compressed archives without security solutions detecting them.
A security issue in the latest version of WhatsApp for Windows allows sending Python and PHP attachments that are executed without any warning when the recipient opens them.
Discover all SaaS accounts ever created by anyone in your org, in minutes, along with insights on security risks and spend. Save time, money and effort by curbing SaaS sprawl and automating tasks like offboarding and user access reviews. Free trial.
Google Chrome now warns when downloading risky password-protected files and provides improved alerts with more information about potentially malicious downloaded files.
Microsoft says Windows 11 22H2 now natively supports almost a dozen additional archive formats, including RAR, 7-Zip, Tar, and GZ archives.
A WinRar zero-day vulnerability tracked as CVE-2023-38831 was actively exploited to install malware when clicking on harmless files in an archive, allowing the hackers to breach online cryptocurrency trading accounts.
A high-severity vulnerability has been fixed in WinRAR, the popular file archiver utility for Windows used by millions, that can execute commands on a computer simply by opening an archive.
Microsoft is adding native support for RAR, 7-Zip, and GZ archives to an upcoming version of Windows 11 expected this week.
Hackers are adding malicious functionality to WinRAR self-extracting archives that contain harmless decoy files, allowing them to plant backdoors without triggering the security agent on the target system.
Hackers are actively exploiting an unpatched remote code execution (RCE) vulnerability in Zimbra Collaboration Suite (ZCS), a widely deployed web client and email server.
A new ransomware group called Memento takes the unusual approach of locking files inside password-protected archives after their encryption method kept being detected by security software.
A massive ransomware campaign targeting QNAP devices worldwide is underway, and users are finding their files now stored in password-protected 7zip archives.
GitHub Arctic Code Vault has likely inadvertently captured sensitive patient medical records from multiple healthcare facilities. The private data was leaked on GitHub repositories last year that are now part of a collection of open-source contributions bound to last a 1,000 years.
An official version of the popular 7-zip archiving program has been released for Linux for the first time.
A new ransomware called VCrypt is targeting French victims by utilizing the legitimate 7zip command-line program to create password-protected archives of data folders.
WinRAR 5.90 Final has been released with numerous performance improvements and bug fixes for Windows, Mac, Linux, and Android.
Attackers are always looking for new tricks to distribute malware without them being detected by antivirus scanners and secure email gateways. This was illustrated in a new phishing campaign that utilized a specially crafted ZIP file that was designed to bypass secure email gateways to distribute the NanoCore RAT.
Chinese hackers deployed a new cyber-espionage tool on Linux servers belonging to a telecommunications network provider to steal SMS message content for specific recipients.
Some ancient filetypes are making a comeback due to unwanted attention from cybercriminals looking for more effective ways to hide malware distributed through spam campaigns.
Archive.org is testing a decentralized version, or DWeb version, of their web site that allows their content to be delivered over peer-to-peer connections with different hosts sharing portions of or the same content.
F-Secure has fixed a severe vulnerability in its home and enterprise antivirus products that could have allowed an attacker to execute malicious code on the user's machine and take over affected PCs