{"uuid": "96784206-4ce0-4e8b-886e-f9411f1de8e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2026-0866", "type": "published-proof-of-concept", "source": "https://t.me/thehackernews/8623", "content": "\u26a0\ufe0f CERT/CC warns a ZIP flaw tracked as CVE-2026-0866 lets attackers hide malware using malformed archive headers.\n\nSecurity tools trust the header and miss the payload, while it can still be extracted and executed with the right method.\n\nIt breaks how AV and EDR validate files.\n\n\ud83d\udd17 How Zombie ZIP bypasses detection and runs payloads \u2192 https://thehackernews.com/2026/03/threatsday-bulletin-oauth-trap-edr.html#zip-evasion-technique", "creation_timestamp": "2026-03-18T13:46:08.000000Z"}