ZDI-25-045: 7-Zip Mark-of-the-Web Bypass Vulnerability

Read Time:18 Second

This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of 7-Zip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.0. The following CVEs are assigned: CVE-2025-0411.

redis-7.2.8-1.fc40

FEDORA-2025-290b0c6e2b Packages in this update: redis-7.2.8-1.fc40 Update description: Redis 7.2.8 Released Wed 23 Apr 2025 12:00:00 IST Update urgency: SECURITY:...

April 24, 2025

HNS-2025-10 – HN Security Advisory – Local privilege escalation in Zyxel uOS

Posted by Marco Ivaldi on Apr 23 Hi, Please find attached a security advisory that describes some vulnerabilities we discovered...

April 24, 2025

APPLE-SA-04-16-2025-4 visionOS 2.4.1

Posted by Apple Product Security via Fulldisclosure on Apr 23 APPLE-SA-04-16-2025-4 visionOS 2.4.1 visionOS 2.4.1 addresses the following issues. Information...

April 24, 2025

APPLE-SA-04-16-2025-3 tvOS 18.4.1

Posted by Apple Product Security via Fulldisclosure on Apr 23 APPLE-SA-04-16-2025-3 tvOS 18.4.1 tvOS 18.4.1 addresses the following issues. Information...

April 24, 2025

APPLE-SA-04-16-2025-2 macOS Sequoia 15.4.1

Posted by Apple Product Security via Fulldisclosure on Apr 23 APPLE-SA-04-16-2025-2 macOS Sequoia 15.4.1 macOS Sequoia 15.4.1 addresses the following...

April 24, 2025

APPLE-SA-04-16-2025-1 iOS 18.4.1 and iPadOS 18.4.1

Posted by Apple Product Security via Fulldisclosure on Apr 23 APPLE-SA-04-16-2025-1 iOS 18.4.1 and iPadOS 18.4.1 iOS 18.4.1 and iPadOS...

April 24, 2025

Smashing Security podcast #414: Zoom.. just one click and your data goes boom!

DOGE Worker’s Code Supports NLRB Whistleblower

Regulating AI Behavior with a Hypervisor

Verizon’s DBIR Reveals 34% Jump in Vulnerability Exploitation

FBI Reveals “Staggering” $16.6bn Lost to Cybercrime in 2024

Vulnerability Exploitation and Credential Theft Now Top Initial Access Vectors

US Data Breach Victim Count Surges 26% Annually

M&S Grapples with Cyber Incident Affecting In-Store Services

Dutch Warn of “Whole of Society” Russian Cyber-Threat

ZDI-25-045: 7-Zip Mark-of-the-Web Bypass Vulnerability

redis-7.2.8-1.fc40

HNS-2025-10 – HN Security Advisory – Local privilege escalation in Zyxel uOS

APPLE-SA-04-16-2025-4 visionOS 2.4.1

APPLE-SA-04-16-2025-3 tvOS 18.4.1

APPLE-SA-04-16-2025-2 macOS Sequoia 15.4.1

APPLE-SA-04-16-2025-1 iOS 18.4.1 and iPadOS 18.4.1