24
Russian cybercrooks exploiting 7-Zip zero-day vulnerability (CVE-2025-0411) - Help Net Security
(www.helpnetsecurity.com)
this post was submitted on 05 Feb 2025
24 points (83.3% liked)
Cybersecurity
8174 readers
151 users here now
c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.
THE RULES
Instance Rules
- Be respectful. Everyone should feel welcome here.
- No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
- No Ads / Spamming.
- No pornography.
Community Rules
- Idk, keep it semi-professional?
- Nothing illegal. We're all ethical here.
- Rules will be added/redefined as necessary.
If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.
Learn about hacking
Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !securitynews@infosec.pub !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub
Notable mention to !cybersecuritymemes@lemmy.world
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
How is it a zero day if a patch has been out since November?
It was a 0day back then, I guess, so it (in some unknown magic way) keeps that designation forever, apparently.
Real reason: people want clicks on their slop, so they bait your clicks with nonsense.
Meaningless term nowdays.
The first time I heard it, it meant that it was a vuln present since the launch of that version unknown to the publisher, so meaning on day 0 it was possible to exploit it.
Then, when I was studying for a certification I learned they changed the definition to mean it was the number of days a vendor had to patch that vulnerability, and in some cases after being patched these vulnerabilities would get a name assigned to them.
And now, is more of a clickbait word for articles.