CVE-2025-0411: 7-Zip Vulnerability Exploited in Attacks on Ukraine

Summary: A report from the Zero Day Initiative reveals that Ukrainian organizations were targeted by Russian cybercrime groups leveraging a zero-day vulnerability in 7-Zip, tracked as CVE-2025-0411. This vulnerability allows attackers to evade Windows protections, enabling the delivery of malware like SmokeLoader through deceptive phishing tactics. The report emphasizes the urgent need for enhanced cybersecurity measures among targeted organizations.

Affected: Ukrainian government agencies and businesses, including the State Executive Service of Ukraine, the Kyiv Public Transportation Service, and more.

Key points:

  • Zero-day vulnerability CVE-2025-0411 exploited by Russian cybercrime groups.
  • Homoglyph attacks used in spear-phishing campaigns to bypass security measures.
  • Recommendations include updating 7-Zip, implementing stronger email security, and employee training.
  • Smaller municipal organizations are primary targets due to their limited cybersecurity resources.

Source: https://securityonline.info/cve-2025-0411-7-zip-vulnerability-exploited-in-attacks-on-ukraine/