WinRAR vulnerability exploited by two different groups


On July 30, 2025, WinRAR released a new version (7.13 Final) to patch a vulnerability which was used in two separate malware campaigns. WinRAR is a popular file archiving and data compression tool that allows users to compress files into smaller archives, like RAR and ZIP, and can also unpack various archive formats.

The vulnerability, tracked as CVE-2025-8088, is a path traversal flaw that affects the Windows version of WinRAR and allows the attackers to execute arbitrary code by crafting malicious archive files. A path traversal vulnerability, also known as a directory traversal vulnerability, is a type of security flaw that allows attackers to access files and directories they should not be able to reach.

Read more…
Source: Malwarebytes Labs


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • Cyber attack affects numerous services at most Nebraska state hospital

    February 29, 2024

    The Nebraska Hospital Association said most state hospitals were affected by a cyber attack. The NHA said Change Health Care was hit with the attack on Feb. 21. The technology company assists with things like prior authorizations, insurance verification and patient billing. All of those services are affected. Read more… Source: MSN News  

  • A ransomware gang claims to have hacked nearly 200GB of Epic Games internal data

    February 28, 2024

    A ransomware gang claims to have hacked Epic Games, saying it has nearly 200 gigabytes of internal data. Reportedly, the gang, which goes by the name Mogilevich, posted a message on its darknet leak site giving more information on its claimed leak of the Fortnite and Epic Games Store company. “We have quietly carried out an ...

  • Pennsylvania: Welch plant in North East restarts after cyber attack shuts facility down for 3 weeks

    February 28, 2024

    In a statement provided to the Erie Times-News, the company said: “On Monday, we restarted our spreads production bringing more than 100 employees back to work at our North East plant. We expect additional employees to return to work over the next few days as we get more production lines running. Throughout this disruption, we’ve continued ...

  • Pharma giant Cencora hit by major cyberattack

    February 28, 2024

    Cencora has confirmed suffering a data breach earlier this month which resulted in the theft of sensitive, personal data. Cencora is a drug wholesale company and a contract research firm that was previously known as Amerisource Bergen. It was formed in 2001, after the merger of Bergen Brunswig and AmeriSource. Read more… Source: MSN News  

  • Navigating the Cloud: Exploring Lateral Movement Techniques

    February 28, 2024

    In this post, Unit 42 researchers reseat examine lateral movement techniques, showcasing some that they have observed in the wild within cloud environments. Lateral movement can be achieved by leveraging both cloud APIs and access to compute instances, with access at the cloud level potentially extending to the latter. We explore cloud lateral movement techniques in ...

  • Most data breaches on enterprise attack the supply chain

    February 28, 2024

    The vast majority of data breaches happening in the enterprise occurred through the software and technology supply chain. This is according to the Global Third-Party Cybersecurity Breach Report, a new research paper published by the SecurityScorecard security organization. As per the report, 75% of all third-party breaches targeted the software and technology supply chains, mostly because ...