WinRAR vulnerability exploited by two different groups


On July 30, 2025, WinRAR released a new version (7.13 Final) to patch a vulnerability which was used in two separate malware campaigns. WinRAR is a popular file archiving and data compression tool that allows users to compress files into smaller archives, like RAR and ZIP, and can also unpack various archive formats.

The vulnerability, tracked as CVE-2025-8088, is a path traversal flaw that affects the Windows version of WinRAR and allows the attackers to execute arbitrary code by crafting malicious archive files. A path traversal vulnerability, also known as a directory traversal vulnerability, is a type of security flaw that allows attackers to access files and directories they should not be able to reach.

Read more…
Source: Malwarebytes Labs


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • Henry Schein Sales Hurt by Cyber Attack, Macro Woes

    December 27, 2023

    Henry Schein (HSIC) is currently entangled in a major cyber-attack incident. Headwinds like unfavorable currency movement and global economic uncertainties continue to affect the company. The stock carries a Zacks Rank #4 (Sell). In October 2023, Henry Schein stated that a portion of its manufacturing and distribution businesses experienced a cybersecurity incident. Henry Schein took precautionary ...

  • Israel’s Cyber Directorate warns of phishing attack by Iran-based hacking squad

    December 26, 2023

    Israel’s National Cyber Directorate issued a statement Tuesday warning of a phishing attack by Iranian hackers. Posing as American network security conglomerate F5, Iranian hackers sent an email to IT officials in multiple Israeli companies with instructions to download what seems like an update, but is actually malware, said the directorate. Working with an unnamed commercial ...

  • Motorists data stolen as RingGo parking app-owner hit by cyber attack

    December 26, 2023

    Hackers have stolen data including partial credit card numbers from parking apps used by millions of motorists. EasyPark, which owns RingGo and ParkMobile, said the details of at least 950 customers in the UK had been stolen by hackers, including names, phone numbers, addresses, email addresses and parts of credit card numbers. Read more… Source: MSN News  

  • Hackers stole $2 billion in crypto in 2023, data shows

    December 26, 2023

    For yet another year, hackers stole billions of dollars in crypto. But for the first time since 2020, the trend is downwards, according to crypto security firms. This year, hackers stole around $2 billion dollars in crypto across dozens of cyberattacks and thefts, according to De.FI, the web3 security firm that runs the REKT database. The ...

  • Estonia: At least one case of extortion reported following Asper Biogene data leak

    December 25, 2023

    Investigations into the Asper Biogene data leak that came to light last week are ongoing, and there is already at least one known case of an attempt to extort money from an individual in connection with the data leak. When the data theft case came to light, police warned that the situation could be exploited by ...

  • The rising threat of phishing attacks with Crypto Drainers

    December 22, 2023

    A recent investigation by Check Point Research exposes a troubling trend in the cryptocurrency landscape. The cryptocurrency community has been witnessing an alarming increase in sophisticated phishing attacks. These threats are unique in their approach, targeting a wide range of blockchain networks, from Ethereum and Binance Smart Chain to Polygon, Avalanche, and almost 20 other networks ...