On July 30, 2025, WinRAR released a new version (7.13 Final) to patch a vulnerability which was used in two separate malware campaigns. WinRAR is a popular file archiving and data compression tool that allows users to compress files into smaller archives, like RAR and ZIP, and can also unpack various archive formats.
The vulnerability, tracked as CVE-2025-8088, is a path traversal flaw that affects the Windows version of WinRAR and allows the attackers to execute arbitrary code by crafting malicious archive files. A path traversal vulnerability, also known as a directory traversal vulnerability, is a type of security flaw that allows attackers to access files and directories they should not be able to reach.
Read more…
Source: Malwarebytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Dark web market Cannazon shuts down after massive DDoS attack
November 29, 2021
Cannazon, one of the largest dark web marketplaces for buying marijuana products, shut down last week after suffering a debilitating distributed denial of service attack. As the admins explained in a message signed with the market’s PGP key, they are officially retiring and claim not to be pulling an exit scam on their vendors. The admins posted ...
- WIRTE’s campaign in the Middle East ‘living off the land’ since at least 2019
November 29, 2021
This February, during our hunting efforts for threat actors using VBS/VBA implants, Kaspersky researchers came across MS Excel droppers that use hidden spreadsheets and VBA macros to drop their first stage implant. The implant itself is a VBS script with functionality to collect system information and execute arbitrary code sent by the attackers on the ...
- Wind turbine maker Vestas confirms recent security incident was ransomware
November 29, 2021
Wind turbine maker Vestas says “almost all” of its IT systems are finally up and running 10 days after a security attack by criminals, confirming that it had indeed fallen victim to ransomware. Alarm bells rang the weekend before last when the Danish organisation said it had identified a “cyber security incident” and closed off parts ...
- IKEA email systems hit by ongoing cyberattack
November 26, 2021
IKEA is battling an ongoing cyberattack where threat actors are targeting employees in internal phishing attacks using stolen reply-chain emails. A reply-chain email attack is when threat actors steal legitimate corporate email and then reply to them with links to malicious documents that install malware on recipients’ devices. As the reply-chain emails are legitimate emails from a ...
- RATDispenser downloader delivers a ‘silent threat’ that wants to steal your passwords
November 26, 2021
Cyber criminals are using a new JavaScript downloader to distribute eight different kinds of remote access Trojan (RAT) malware and information-stealing malware in order to gain backdoor control of infected Windows systems, as well as steal usernames, passwords and other sensitive data. The downloader has been detailed by cybersecurity researchers at HP Wolf Security, who’ve called ...
- IT threat evolution Q3 2021
November 26, 2021
Last March, Kaspersky researchers reported a WildPressure campaign targeting industrial-related entities in the Middle East. While tracking this threat actor in spring 2021, they discovered a newer version. It contains the C++ Milum Trojan, a corresponding VBScript variant and a set of modules that include an orchestrator and three plugins. This confirms Kaspersky previous assumption ...