This vulnerability was used as a "zero-day" starting in April 2023.
: Groups like Sandworm (Russia) and APT40 (China) used this to steal browser data and passwords. CVE-2025-8088: Path Traversal This vulnerability was used as a "zero-day" starting
: Attackers hide malicious scripts in a folder with the same name as a harmless file (like photo.jpg ). This vulnerability was used as a "zero-day" starting