A new technique dubbed "Zombie ZIP" helps conceal payloads in compressed files specially created to avoid detection from security solutions such as antivirus and endpoint detection and response (EDR) ...

Hackers can change a single byte to insert malware undetected, posing as an apparently corrupted ZIP file dubbed Zombie Zip. A security researcher demonstrated this by tricking Windows Defender and ...

Password-protected ZIP archives are common means of compressing and sharing sets of files—from sensitive documents to malware samples to even malicious files (i.e. phishing "invoices" in emails). But, ...

ZIP and RAR files have overtaken Office documents as the file most commonly used by cyber criminals to deliver malware, according to an analysis of real-world cyber attacks and data collected from ...

Two new top-level domain names — .zip and .mov — have caused concern among security researchers, who say they allow for the construction of malicious URLs that even tech-savvy users are likely to miss ...

Microsoft cloud services are scanning for malware by peeking inside users’ zip files, even when they’re protected by a password, several users reported on Mastodon on Monday. Compressing file contents ...

Security firm Snyk has disclosed a widespread and critical flaw in multiple archive file-extraction libraries found in thousands of open-source web application projects from HP, Amazon, Apache, Oracle ...

Threat actors are exploiting the various ways that zip files combine multiple archives into one file as an anti-detection tactic in phishing attacks that deliver various Trojan malware strains, ...

The newly discovered steganography method could be exploited by threat actors to obscure nefarious activity inside photos hosted on the social-media platform. A security researcher has discovered a ...

Storm-2561 uses SEO poisoning to push fake VPN downloads that install signed trojans and steal VPN credentials. Active since 2025, Storm-2561 mimics trusted brands and abuses legitimate services. This ...