WinRAR vulnerability exploited by two different groups


On July 30, 2025, WinRAR released a new version (7.13 Final) to patch a vulnerability which was used in two separate malware campaigns. WinRAR is a popular file archiving and data compression tool that allows users to compress files into smaller archives, like RAR and ZIP, and can also unpack various archive formats.

The vulnerability, tracked as CVE-2025-8088, is a path traversal flaw that affects the Windows version of WinRAR and allows the attackers to execute arbitrary code by crafting malicious archive files. A path traversal vulnerability, also known as a directory traversal vulnerability, is a type of security flaw that allows attackers to access files and directories they should not be able to reach.

Read more…
Source: Malwarebytes Labs


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • Volt Typhoon Actors Exploiting Insecure SOHO Routers

    January 31, 2024

    Threat actors—particularly the People’s Republic of China (PRC)—sponsored Volt Typhoon group—are compromising small office/home office (SOHO) routers by exploiting software defects that manufacturers must eliminate through secure software design and development. Specifically, Volt Typhoon actors are exploiting security defects in SOHO routers to use them as launching pads to further compromise U.S. critical infrastructure entities. CISA ...

  • Czech cyber security agency reports record number of attacks in 2023

    January 31, 2024

    Czechia’s National Cyber and Security Information Agency says it registered a record number of cyber-attacks last year. The state organisation said on its website on Wednesday that it had recorded 262 such attacks in 2023, compared to 146 the previous year. The agency said the increase was mainly due to repeated waves of DDoS attacks led ...

  • Hackers obtain confidential information on Romanian officials after cyber attack at Parliament

    January 31, 2024

    Hackers breached the database of the Romanian Chamber of Deputies, the lower house of the Parliament, after a recent cyber attack. They reportedly managed to obtain confidential information, such as the prime minister’s identity documents, medical analyses, and other personal data.  The hackers threatened to release the personal data of the deputies if they did not ...

  • Series of cyber attacks risks sensitive data at New Jersey schools, hospitals

    January 30, 2024

    Class was canceled Monday across the Freehold Township school district, but not for the familiar January troubles of slushy roads, frozen pipes or a busted boiler. No, this was “a cybersecurity event” that ground school business to a halt. District officials disclosed little about what happened, assuring parents in an email they “retained outside IT expert consultants ...

  • Sustainability Business Division of Schneider Electric Responds to Cybersecurity Incident

    January 29, 2024

    On January 17th, 2024, a ransomware incident affected Schneider Electric Sustainability Business division. The attack has impacted Resource Advisor and other division specific systems. Schneider Electric Global Incident Response team has been immediately mobilized to respond to the attack, contain the incident, and to reinforce existing security measures. Sustainability Business division has informed impacted customers. Read more… Source: ...

  • Ukrainian activists launch devastating cyber attack on Russian Space Hydrometeorology Center

    January 29, 2024

    Ukraine’s Ministry of Defense claims that pro-Ukrainian hacktivists breached the Russian Center for Space Hydrometeorology, known as “planeta” (планета), and wiped 2 petabytes of data. Planeta is a state research center that uses space satellite data and ground sources such as radars and stations to provide information and accurate predictions about weather, climate, natural disasters, extreme ...