On July 30, 2025, WinRAR released a new version (7.13 Final) to patch a vulnerability which was used in two separate malware campaigns. WinRAR is a popular file archiving and data compression tool that allows users to compress files into smaller archives, like RAR and ZIP, and can also unpack various archive formats.
The vulnerability, tracked as CVE-2025-8088, is a path traversal flaw that affects the Windows version of WinRAR and allows the attackers to execute arbitrary code by crafting malicious archive files. A path traversal vulnerability, also known as a directory traversal vulnerability, is a type of security flaw that allows attackers to access files and directories they should not be able to reach.
Read more…
Source: Malwarebytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- ‘Trojan Source’ Hides Invisible Bugs in Source Code
November 1, 2021
Researchers have found a new way to encode potentially evil source code, such that human reviewers see a harmless version and compilers see the invisible, wicked version. Named “Trojan Source attacks,” the method “exploits subtleties in text-encoding standards such as Unicode to produce source code whose tokens are logically encoded in a different order from the ...
- Canadian province health care system disrupted by cyberattack
November 1, 2021
The Canadian province of Newfoundland and Labrador has suffered a cyberattack that has led to severe disruption to healthcare providers and hospitals. The attack took place on October 30th, causing regional health systems to shut down their networks and cancel thousands of medical appointments. This outage affected health systems in Central Health, Eastern Health, Western Health, ...
- Spam and phishing in Q3 2021
November 1, 2021
This summer and early fall saw some major international sporting events. The delayed Euro 2020 soccer tournament was held in June and July, followed by the equally delayed Tokyo Olympics in August. Q3 2021 also featured several F1 Grand Prix races. There was no way that cybercriminals and profiteers could pass up such a golden ...
- Cring ransomware continues assault on industrial organizations with aging applications, VPNs
November 1, 2021
The Cring ransomware group continues to make a name for itself through attacks on aging ColdFusion servers and VPNs after emerging earlier this year. Experts like Digital Shadows Sean Nikkel told ZDNet that what makes Cring interesting is that so far, they appear to specialize in using older vulnerabilities in their attacks. “In a previous incident, Cring ...
- Office 365 Phishing Campaign Uses Kaspersky’s Amazon SES Token
November 1, 2021
A surge in spearphishing emails designed to steal Office 365 credentials were rigged to look like they came from a Kaspersky email address. In spite of coming from sender addresses such as [email protected], nobody at Kaspersky sent the phishing emails, the security company said in an advisory issued on Monday. Rather, the emails were sent with ...
- Europol: 12 Targeted For Involvement In Ransomware Attacks Against Critical Infrastructure
October 29, 2021
A total of 12 individuals wreaking havoc across the world with ransomware attacks against critical infrastructure have been targeted as the result of a law enforcement and judicial operation involving eight countries. These attacks are believed to have affected over 1 800 victims in 71 countries. These cyber actors are known for specifically targeting large corporations, ...