Zombie ZIP can help malware hide inside ZIP files and evade security scans

Zombie ZIP is a newly disclosed archive evasion technique that can let malware pass through some antivirus and EDR checks by tampering with ZIP metadata. The trick makes security engines read the file as harmless stored data even though the payload remains compressed and recoverable with custom tooling. CERT/CC has tracked the issue as CVE-2026-0866. […] The post Zombie ZIP can help malware hide inside ZIP files and evade security scans appeared first on VPN Central.