Latest Articles
Apr 2, 2026 | File Security
Zombie ZIP (CVE-2026-0866): How a Malformed Archive Header Is Bypassing 98% of Security Scanners
Ask most security teams how they handle incoming ZIP files and you’ll hear the same answer: “We scan them.” What they mean is that their anti-malware or EDR solution reads the archive’s header, extracts the contents, and scans for known threats. The problem is that most scanning engines trust what an archive declares about itself. Attackers have known how to exploit that assumption for years.
Sign up for the OPSWAT Newsletter
Get the latest OPSWAT company updates along with event information and
the news that's driving the industry forward.
