Hackers have exploited a zero-day vulnerability in the popular file archiver 7-Zip to deploy SmokeLoader malware. The vulnerability, tracked as CVE-2025-0411, was identified in September 2024 and has since been actively used in cyberattacks targeting Ukrainian entities. CVE-2025-0411 is a high-severity vulnerability (CVSS score: 7.0) that allows attackers to bypass Windows’ Mark-of-the-Web (MoTW) security mechanism. […]
The post Hackers Exploiting 7-Zip Zero-Day Vulnerability to Deploy SmokeLoader Malware appeared first on Cyber Security News.
A Canadian man has been indicted in federal court in New York for exploiting vulnerabilities in two decentralized finance (DeFi) protocols to fraudulently obtain about $65 million from the protocols’ investors. The fraudulent scheme According to court documents, from 2021 to 2023, Andean Medjedovic, 22, allegedly exploited vulnerabilities in the automated smart contracts used by the KyberSwap and Indexed Finance decentralized finance protocols. Medjedovic borrowed hundreds of millions of dollars in digital tokens, which he … More →
The post Man charged with stealing $65 million by exploting DeFI protocols vulnerabilities appeared first on Help Net Security.