On July 30, 2025, WinRAR released a new version (7.13 Final) to patch a vulnerability which was used in two separate malware campaigns. WinRAR is a popular file archiving and data compression tool that allows users to compress files into smaller archives, like RAR and ZIP, and can also unpack various archive formats.
The vulnerability, tracked as CVE-2025-8088, is a path traversal flaw that affects the Windows version of WinRAR and allows the attackers to execute arbitrary code by crafting malicious archive files. A path traversal vulnerability, also known as a directory traversal vulnerability, is a type of security flaw that allows attackers to access files and directories they should not be able to reach.
Read more…
Source: Malwarebytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Roaming Mantis implements new DNS changer in its malicious mobile app in 2022
January 19, 2023
Roaming Mantis (a.k.a Shaoye) is well-known as a long-term cyberattack campaign that uses malicious Android package (APK) files to control infected Android devices and steal device information; it also uses phishing pages to steal user credentials, with a strong financial motivation. Kaspersky has been investigating the actor’s activity throughout 2022, and we observed a DNS changer ...
- “Payzero” Scams and The Evolution of Asset Theft in Web3
January 18, 2023
Web3 is a lucrative emerging technology where many participants seek quick profit via the different methods of monetization for their online assets. What makes Web3 different from what’s typically called Web2 is that its users are not only participants but are also the owners of digital assets. Web3 users no longer employ the traditional user ...
- MailChimp discloses new breach after employees got hacked
January 18, 2023
Email marketing firm MailChimp suffered another breach after hackers accessed an internal customer support and account administration tool, allowing the threat actors to access the data of 133 customers. MailChimp says the attackers gained access to employee credentials after conducting a social engineering attack on Mailchimp employees and contractors. Read more… Source: Bleeping Computer
- Thousands of Sophos firewalls still vulnerable out there to hijacking
January 18, 2023
More than 4,000 public-facing Sophos firewalls remain vulnerable to a critical remote code execution bug disclosed last year and patched months later, according to security researchers. The flaw, CVE-2022-3236, had already been exploited as a zero-day when Sophos published a security advisory about the vulnerability in September 2022. At the time, the vendor said the hole ...
- Ukraine links data-wiping attack on news agency to Russian hackers
January 18, 2023
The Computer Emergency Response Team of Ukraine (CERT-UA) has linked a destructive malware attack targeting the country’s national news agency (Ukrinform) to Sandworm Russian military hackers. “According to preliminary data, provided by CERT-UA specialists, the attack have caused certain destructive effects on the agency’s information infrastructure, but the threat has been swiftly localized nonetheless,” the State ...
- Gone Phishing: Hunting for Malicious Industrial-Themed Emails to Prevent Operational Technology Compromises
January 17, 2023
Phishing is one of the most common techniques used to deliver malware and gain access to target networks. This is not only because of its simplicity and scalability, but also because of its efficiency in exploiting vulnerabilities in human behavior. Despite the existence of sophisticated detection tooling and security awareness of phishing techniques, defenders across ...