February7.7z

Russian cybercrime groups are actively exploiting a high-severity, 0-day vulnerability (CVE-2025-0411) in the 7-Zip archiver to bypass Windows Mark-of-the-Web (MotW) protections and deliver malware, often utilizing files like "February7.7z". This campaign, which targets organizations with spear-phishing, necessitates an immediate manual update to 7-Zip version 24.09 or later to mitigate the risk. For more details, visit The Hacker News .