This Week In Security: Messing With AI, 7Zip And Notepad++ Vulnerabilities, HTTP2 Bomb, And More

With the rise of AI coding assistants continuing apparently unabated, some project maintainers have begun striking back. Ars Technica reports on projects putting hostile directions into the AGENTS.…

Hackaday

https://fed.brid.gy/r/https://hackaday.com/2026/06/05/this-week-in-security-messing-with-ai-7zip-and-notepad-vulnerabilities-http2-bomb-and-more/

Serious flaw in 7-Zip

Simply opening an archive is enough to execute malicious code.
A new vulnerability in 7-Zip is exposing millions of systems to the risk of malicious code execution simply by opening a specially crafted archive

#7zip #malware #vulnerabilitacritiche

#freesoftware #opensource

https://www.zeusnews.it/n.php?c=32123

ZEUS News

Reloaded in a modern Remcos RAT Infection

Analysts discovered a new Remcos RAT infection chain starting with a batch file executing encoded commands that creates hidden directories and retrieves encrypted payloads. Unlike earlier campaigns relying on PowerShell-hosted .NET loaders, this variant incorporates DonutLoader shellcode and AutoIt-based staging for in-memory payload delivery. The infection begins with a phishing email containing a malicious batch file named Bestellung.CMD. The chain abuses legitimate Windows utilities including cscript.exe and SyncAppvPublishingServer.vbs to execute Base64-encoded payloads. Additional components are downloaded from cloud storage, including 7Zip tools and password-protected archives containing obfuscated JScript. The final payload consists of DonutLoader shellcode that injects Remcos RAT version 7.2.1 Pro into colorcpl.exe, enabling remote control, credential harvesting, keystroke logging, and additional payload deployment.

Pulse ID: 6a1a2dd905d9f8c4474cb45e
Pulse Link: https://otx.alienvault.com/pulse/6a1a2dd905d9f8c4474cb45e
Pulse Author: AlienVault
Created: 2026-05-30 00:22:49

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#7Zip #Autoit #Cloud #CredentialHarvesting #CyberSecurity #Email #InfoSec #NET #OTX #OpenThreatExchange #Password #Phishing #PowerShell #RAT #Remcos #RemcosRAT #ShellCode #VBS #Windows #Word #ZIP #bot #AlienVault

7-Zip: High-risk vulnerability allows injection of malicious code | Security https://www.heise.de/news/7-Zip-Update-schliesst-Codeschmuggel-Luecke-11308241.html #Patchday #7zip
The popular archiver 7-Zip contains a vulnerability that allows malicious code to be injected. An update is available.

heise online

A critical security vulnerability has been discovered in 7-Zip! 🚨 Hundreds of millions of systems are at risk. Experts recommend updating without delay. Take action now for your digital security!

🚩 #7Zip #SiberGüvenlik #GüvenlikAçığı #GüncellemeŞart

7-Zip Security Update, Fine for Temu, Data Breach at Pick 'n Pay More Tech Info: signal.group#CjQKIKHCQRXv... #7zip #Temu #PicknPay #PnP #ITNews #EU #DSA #Dataleak #OnlineShopping #Security #Privacy