From securityaffairs.com
A new phishing technique called “file archiver in the browser” can be used by phishers to “emulate” a file archiver software in a web browser when a victim visits a .ZIP domain. The security researcher mr.d0x detailed the new attack technique.
In May 2023, Google launched eight new top-level domains (TLDs) that included .zip and .mov. Security experts are warning of malicious uses of these domains.