On July 30, 2025, WinRAR released a new version (7.13 Final) to patch a vulnerability which was used in two separate malware campaigns. WinRAR is a popular file archiving and data compression tool that allows users to compress files into smaller archives, like RAR and ZIP, and can also unpack various archive formats.
The vulnerability, tracked as CVE-2025-8088, is a path traversal flaw that affects the Windows version of WinRAR and allows the attackers to execute arbitrary code by crafting malicious archive files. A path traversal vulnerability, also known as a directory traversal vulnerability, is a type of security flaw that allows attackers to access files and directories they should not be able to reach.
Read more…
Source: Malwarebytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Darknet Marketplace Revenue Plummets After Hydra Raid
February 9, 2023
Revenue at dark web illicit marketplaces plunged in 2022 following seizure by U.S. and German police last spring of what was then the world’s largest online bazaar for illegal goods and services. The April shutdown of the Russian-speaking Hydra Market sent the illicit world of Russian-language darknet markets into a tailspin that cut overall revenue for ...
- New ESXiArgs ransomware version prevents VMware ESXi recovery
February 8, 2023
New ESXiArgs ransomware attacks are now encrypting more extensive amounts of data, making it much harder, if not impossible, to recover encrypted VMware ESXi virtual machines. Last Friday, a massive and widespread automated ransomware attack encrypted over 3,000 Internet-exposed VMware ESXi servers using a new ESXiArgs ransomware. Read more… Source: Bleeping Computer
- SNP MP Stewart McDonald’s emails hacked by Russian group
February 8, 2023
An MP has told the BBC his emails have been stolen and he fears they will be made public. The SNP’s Stewart McDonald said the hack took place in January and he wanted to pre-empt any publication sharing them. Read more… Source: BBC News
- Graphiron: New Russian information stealing malware deployed against Ukraine
February 8, 2023
The Nodaria espionage group (aka UAC-0056) is using a new piece of information stealing malware against targets in Ukraine. The malware (Infostealer.Graphiron) is written in Go and is designed to harvest a wide range of information from the infected computer, including system information, credentials, screenshots, and files. The earliest evidence of Graphiron dates from October 2022. ...
- CISA and FBI Release ESXiArgs Ransomware Recovery Guidance
February 8, 2023
Today, CISA and the Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory, ESXiArgs Ransomware Virtual Machine Recovery Guidance. This advisory describes the ongoing ransomware campaign known as “ESXiArgs.” Malicious cyber actors may be exploiting known vulnerabilities in unpatched and out-of-service or out-of-date versions of VMware ESXi software to gain access to ESXi servers ...
- Blow to Morgan Advanced Materials as cyber-attack to cost millions to deal with
February 7, 2023
Shares in Morgan Advanced Materials tanked 7.5% to 292p this morning after the industrial manufacturer became the latest listed firm to fall victim to a cyber attack which it said would cost millions of pounds to tackle. The 166-year-old firm warned the attack meant some of its IT systems were irrecoverable, and it had been forced ...