On July 30, 2025, WinRAR released a new version (7.13 Final) to patch a vulnerability which was used in two separate malware campaigns. WinRAR is a popular file archiving and data compression tool that allows users to compress files into smaller archives, like RAR and ZIP, and can also unpack various archive formats.
The vulnerability, tracked as CVE-2025-8088, is a path traversal flaw that affects the Windows version of WinRAR and allows the attackers to execute arbitrary code by crafting malicious archive files. A path traversal vulnerability, also known as a directory traversal vulnerability, is a type of security flaw that allows attackers to access files and directories they should not be able to reach.
Read more…
Source: Malwarebytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Fake end-to-end encrypted chat app distributes Android spyware
November 13, 2021
The GravityRAT remote access trojan is being distributed in the wild again, this time under the guise of an end-to-end encrypted chat application called SoSafe Chat. This particular RAT (remote access trojan) targets predominately Indian users, being distributed by Pakistani actors. The telemetry data on the most recent campaign shows that the targeting scope hasn’t changed, and ...
- Security company faces backlash for waiting 12 months to disclose Palo Alto 0-day
November 12, 2021
There has been considerable debate within the cybersecurity community about Randori, a security firm that waited one year before disclosing a critical buffer overflow bug it discovered in Palo Alto Networks’ GlobalProtect VPN. The zero-day — which has a severity rating of 9.8 and was first reported by ZDNet — allows for unauthenticated, remote code execution ...
- Mac Zero Day Targets Apple Devices in Hong Kong
November 12, 2021
Since at least late August, attackers have been using flaws in macOS and iOS – including in-the-wild use of what was then a zero-day flaw – to install a backdoor on the Apple devices of users who visited Hong Kong-based media and pro-democracy sites. This isn’t a finely targeted campaign, but it’s a sophisticated one. The ...
- AMD reveals an EPYC 50 flaws – 23 of them rated High severity.
November 12, 2021
Microsoft may have given us a mere 55 CVEs to worry about on November’s Patch Tuesday, but AMD and Intel have topped that number with fixes for their products. AMD alone dropped 50 new CVEs on Thursday, 23 of them rated of “High” concern, meaning they’re rated at between 7.0 and 8.9 on the Common Vulnerability ...
- QAKBOT Loader Returns With New Techniques and Tools
November 12, 2021
QAKBOT is a prevalent information-stealing malware that was first discovered in 2007. In recent years, its detection has become a precursor to many critical and widespread ransomware attacks. It has been identified as a key “malware installation-as-a-service” botnet that enables many of today’s campaigns. Toward the end of September 2021, we noted that QAKBOT operators resumed ...
- BotenaGo botnet targets millions of IoT devices with 33 exploits
November 11, 2021
The new BotenaGo malware botnet has been discovered using over thirty exploits to attack millions of routers and IoT devices. BotenaGo was written in Golang (Go), which has been exploding in popularity in recent years, with malware authors loving it for making payloads that are harder to detect and reverse engineer. In the case of BotenaGo, only ...