WinRAR vulnerability exploited by two different groups


On July 30, 2025, WinRAR released a new version (7.13 Final) to patch a vulnerability which was used in two separate malware campaigns. WinRAR is a popular file archiving and data compression tool that allows users to compress files into smaller archives, like RAR and ZIP, and can also unpack various archive formats.

The vulnerability, tracked as CVE-2025-8088, is a path traversal flaw that affects the Windows version of WinRAR and allows the attackers to execute arbitrary code by crafting malicious archive files. A path traversal vulnerability, also known as a directory traversal vulnerability, is a type of security flaw that allows attackers to access files and directories they should not be able to reach.

Read more…
Source: Malwarebytes Labs


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • Thailand-Cambodia conflict: Ceasefire fails online

    August 4, 2025

    Thailand and Cambodia may have reached a ceasefire to halt their border clashes, but cyber warriors are still battling online, daubing official websites with obscenities, deluging opponents with spam and taking pages down. The five-day conflict left more than 40 people dead and drove more than 300,000 from their homes. It also kicked off a disinformation ...

  • Denmark energy cyber attack highlights infrastructure security gaps

    August 4, 2025

    November 2023 saw an unprecedented cyber attack on Denmark’s energy infrastructure. In a co-ordinated breach of 22 companies, criminal gangs gained access to industrial control systems. Investigators believe at least one of the attackers was acting on behalf of a state. Michael Murphy, who heads Fortinet’s APAC Operational Technology group from the company’s Sydney office, says ...

  • Malicious Packages Across Open-Source Registries: Detection Statistics and Trends (Q2 2025)

    August 4, 2025

    In this previous blog, Fortiguard Labs highlighted a growing trend in the use of open source software (OSS) repositories as channels for malware distribution in supply chain security. With the continued reliance on third-party packages in development workflows, threat actors are increasingly exploiting vulnerabilities in the open-source ecosystem to propagate malicious code, exfiltrate data, and cause ...

  • IoT Security: Your Next Breach Could Start with Your Thermostat

    August 4, 2025

    Universities are filling up with network-connected devices. Smart locks manage building access. HVAC systems run on automated controls. Cameras stream to command centers. Vending machines, printers, thermostats, research tools, and classroom displays all connect to the network. The Internet of Things (IoT) is everywhere. These devices are often invisible to most of campus life, quietly making ...

  • Arkham Says $3.5B LuBian Bitcoin Theft Went Undetected for Nearly Five Years

    August 2, 2025

    A crypto wallet tied to a little-known Chinese mining pool may have been the victim of the largest bitcoin theft ever recorded, according to new findings from Arkham Intelligence. n an Aug. 2 thread on X, the onchain analytics firm said it had uncovered evidence that 127,426 BTC — worth $3.5 billion at the time — ...

  • Luxembourg: Cybercriminals stole thousands from BIL customers using phishing scam

    August 2, 2025

    After cybercriminals stole thousands from BIL customers using a fake website, the banking association maintains that digital banking tools remain safe, but users must stay vigilant. In the wake of a sophisticated phishing scheme that led to major financial losses for dozens of BIL customers, The Luxembourg Banker’s Association (ABBL) is defending the security of the ...