On July 30, 2025, WinRAR released a new version (7.13 Final) to patch a vulnerability which was used in two separate malware campaigns. WinRAR is a popular file archiving and data compression tool that allows users to compress files into smaller archives, like RAR and ZIP, and can also unpack various archive formats.
The vulnerability, tracked as CVE-2025-8088, is a path traversal flaw that affects the Windows version of WinRAR and allows the attackers to execute arbitrary code by crafting malicious archive files. A path traversal vulnerability, also known as a directory traversal vulnerability, is a type of security flaw that allows attackers to access files and directories they should not be able to reach.
Read more…
Source: Malwarebytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Okta customers report dramatic increase in cyber-attacks
February 3, 2023
A marketing survey from digital identity firm Okta fielded in the first quarter of last year highlights dangers that, while hardly unknown, are sobering. The survey and report examined the state of secure identity, and came up with three facts the market needs to come to grips with. Read more… Source: Biometric Update
- TgToxic Malware’s Automated Framework Targets Southeast Asia Android Users
February 3, 2023
Trend Micro researchers analyzed an ongoing campaign that has been targeting Android users in Southeast Asia since July 2022. Its goal is to steal victims’ assets from finance and banking applications (such as cryptocurrency wallets, credentials for official bank apps on mobile, and money in deposit), via a banking trojan they named TgToxic (detected by Trend ...
- Tallahassee Memorial hospital victim of suspected ransomware attack
February 3, 2023
Tallahassee Memorial HealthCare is postponing all non-emergency patient procedures as officials manage an Information Technology security issue that occurred late Thursday night, according to a memo from the hospital. The IT security breach is a suspected ransomware attack, according to sources with knowledge of the situation. Read more… Source: Florida Politics
- GoAnywhere MFT zero-day vulnerability lets hackers breach servers
February 3, 2023
The developers of the GoAnywhere MFT file transfer solution are warning customers of zero-day remote code execution vulnerability on exposed administrator consoles. GoAnywhere is a secure web file transfer solution that allows companies to securely transfer encrypted files with their partners while keeping detailed audit logs of who accessed the files. Read more… Source: Bleeping Computer
- New APT34 Malware Targets The Middle East
February 2, 2023
On December 2022, Trend Micro researchers identified a suspicious executable (detected by Trend Micro as Trojan.MSIL.REDCAP.AD) that was dropped and executed on multiple machines. The investigation led them to link this attack to advanced persistent threat (APT) group APT34, and the main goal is to steal users’ credentials. Even in case of a password reset ...
- CISA Releases Six Industrial Control Systems Advisories
February 2, 2023
CISA released six Industrial Control Systems (ICS) advisories on February 2, 2023.These advisories provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations: ICSA-23-033-01 Delta Electronics DIAScreen ICSA-23-033-02 Mitsubishi Electric GOT2000 Series and GT SoftGOT2000 ICSA-23-033-03 Baicells Nova Read more… Source: U.S. ...