Technical Analysis of Non-Recursive Zip Bomb Construction Using File Overlapping
David Fifield [email protected]
Read the full articleYou might also wanna read
New 'Zombie ZIP' technique lets malware slip past security tools
Cybercriminals are getting creative! A new "Zombie ZIP" technique is sneaking malware past 50 different antivirus engines by tricking the so
CVE-2026-61455: Improper Handling of Highly Compressed Data (Data Amplification) in getgrav grav
Grav versions before 2.0.1 have a decompression bomb vulnerability in the ZipArchiver::extract() function. This vulnerability arises because
Paper on a Data Structure for Searching and Updating Large-Scale String Data While Compressed Accepted to ESA2026
A paper by Research Scientist Takaaki Nishimoto and Team Director Yasuo Tabei of the Compressed Information Processing Team at the RIKEN Cen
Codex Publishes HTTP/2 Bomb: Remote DoS Exploit Targeting Major Web Servers
14 years ago, I helped break HTTP header compression, then was asked to review the fix, which became part of HTTP/2. Life has come full circ
Analysis of 7-Zip vulnerabilities: CVE-2025-11001 and CVE-2025-11002
A recently disclosed 7-Zip vulnerability allows malicious actors to execute code remotely through specially crafted ZIP files
CVE-2026-39243: n/a
A vulnerability in decompress versions before 4.2.2 allows attackers to create arbitrary hardlinks during archive extraction. This occurs be

Comments
Sign in to join the conversation.
No comments yet. Be the first.