On July 30, 2025, WinRAR released a new version (7.13 Final) to patch a vulnerability which was used in two separate malware campaigns. WinRAR is a popular file archiving and data compression tool that allows users to compress files into smaller archives, like RAR and ZIP, and can also unpack various archive formats.
The vulnerability, tracked as CVE-2025-8088, is a path traversal flaw that affects the Windows version of WinRAR and allows the attackers to execute arbitrary code by crafting malicious archive files. A path traversal vulnerability, also known as a directory traversal vulnerability, is a type of security flaw that allows attackers to access files and directories they should not be able to reach.
Read more…
Source: Malwarebytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Rana Android Malware Updates Allow WhatsApp, Telegram IM Snooping
December 7, 2020
Researchers have discovered new samples of a previously discovered Android malware, which is believed to be linked to the APT39 Iranian cyberespionage threat group. The new variant comes with new surveillance capabilities – including the ability to snoop on victims’ Skype, Instagram and WhatsApp instant messages. According to U.S. feds, the developers of this malware are ...
- Hacker opens 2,732 PickPoint package lockers across Moscow
December 7, 2020
A mysterious hacker used a cyber-attack to force-open the doors of 2,732 package delivery lockers across Moscow. The attack, which took place on Friday afternoon, December 4, targeted the network of PickPoint, a local delivery service that maintains a network of more than 8,000 package lockers across Moscow and Saint Petersburg. Russians can order products online and ...
- Italian police arrest 2 in defense data theft case
December 6, 2020
Police in Italy have arrested two people in connection with the hacking of Italian aerospace and electronics company Leonardo, the Interior Ministry announced on Saturday. The Leonardo group also has a cybersecurity division that counts NATO among its customers and is involved in making electronic weapons and missiles. The hackers allegedly managed to steal sensitive data ...
- The chronicles of Emotet
December 4, 2020
More than six years have passed since the banking Trojan Emotet was first detected. During this time it has repeatedly mutated, changed direction, acquired partners, picked up modules, and generally been the cause of high-profile incidents and multimillion-dollar losses. The malware is still in fine fettle, and remains one of the most potent cybersecurity threats ...
- Ransomware attack cripples Vancouver public transportation agency
December 4, 2020
A ransomware attack has crippled the operations of TransLink, the public transportation agency for the city of Vancouver, Canada. The attack took place this week, on December 1, and has left Vancouver residents unable to use their Compass metro cards or pay for new tickets via the agency’s Compass ticketing kiosks. TransLink initially passed the incident as ...
- What did DeathStalker hide between two ferns?
December 3, 2020
DeathStalker is a threat actor who has been active starting 2012 at least, and we exposed most of his past activities in a previous article, as well as during a GREAT Ideas conference in August 2020. The actor draught our attention in 2018, because of distinctive attacks characteristics that did not fit the usual cybercrime ...