⚠️ CERT/CC warns a ZIP flaw tracked as CVE-2026-0866 lets attackers hide malware using malformed archive headers.

Security tools trust the header and miss the payload, while it can still be extracted and executed with the right method.

It breaks how AV and EDR validate files.

�� How Zombie ZIP bypasses detection and runs payloads → https://thehackernews.com/2026/03/threatsday-bulletin-oauth-trap-edr.html#zip-evasion-technique