On July 30, 2025, WinRAR released a new version (7.13 Final) to patch a vulnerability which was used in two separate malware campaigns. WinRAR is a popular file archiving and data compression tool that allows users to compress files into smaller archives, like RAR and ZIP, and can also unpack various archive formats.
The vulnerability, tracked as CVE-2025-8088, is a path traversal flaw that affects the Windows version of WinRAR and allows the attackers to execute arbitrary code by crafting malicious archive files. A path traversal vulnerability, also known as a directory traversal vulnerability, is a type of security flaw that allows attackers to access files and directories they should not be able to reach.
Read more…
Source: Malwarebytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- IRS data leak exposes personal info of 120,000 taxpayers
September 3, 2022
The Internal Revenue Service has accidentally leaked confidential information for approximately 120,000 taxpayers who filed a form 990-T as part of their tax returns. IRS Form 990T is used to report ‘unrelated business income’ paid to a tax-exempt entity, such as nonprofits (charities) or IRA and SEP retirement accounts. This income is commonly derived from sales unrelated ...
- Buzzing in the Background: BumbleBee, a New Modular Backdoor Evolved From BookWorm
September 2, 2022
In March 2021, Trend Micro researchers investigated a backdoor with a unique modular architecture and called it BumbleBee due to a string embedded in the malware. Its type of modular framework has made Trend Micro static analysis more challenging because it required us to first rebuild its structure or use dynamic analysis to understand its ...
- Google Chrome emergency update fixes new zero-day used in attacks
September 2, 2022
Google has released Chrome 105.0.5195.102 for Windows, Mac, and Linux users to address a single high-severity security flaw, the sixth Chrome zero-day exploited in attacks patched this year. “Google is aware of reports that an exploit for CVE-2022-3075 exists in the wild,” the company said in a security advisory published on Friday. This new version is rolling ...
- CISA, NSA, and ODNI Release Part One of Guidance on Securing the Software Supply Chain
September 2, 2022
CISA, the National Security Agency (NSA), and the Office of the Director of National Intelligence (ODNI), have published part one of a three-part joint publication series, Securing Software Supply Chain Series – Recommended Practices for Developers. This guidance—created by the Enduring Security Framework (ESF), a public-private cross-sector working group led by the NSA and CISA—focuses ...
- FBI issues warning after crypto-crooks steal $1.3 billion in just three months
September 1, 2022
Amid a wave of hacks that have cost investors billions of dollars worth of cryptocurrency, the FBI is calling on decentralised finance (DeFi) platforms to improve their security. In a warning posted on its website, the FBI said that cybercriminals are increasingly targeting DeFi platforms to steal cryptocurrency, often exploiting vulnerabilities in smart contracts to part ...
- Oh no, that James Webb Space Telescope snap might actually contain malware
September 1, 2022
Scumbags are using a photo from the James Webb Space Telescope to smuggle Windows malware onto victims’ computers – albeit in a roundabout way. The malicious code, written in Go, is hidden in a .jpeg of the stunning first proper image taken by the recently deployed spacecraft. More specifically, the obfuscated code is Base64-encoded and included in ...