On July 30, 2025, WinRAR released a new version (7.13 Final) to patch a vulnerability which was used in two separate malware campaigns. WinRAR is a popular file archiving and data compression tool that allows users to compress files into smaller archives, like RAR and ZIP, and can also unpack various archive formats.
The vulnerability, tracked as CVE-2025-8088, is a path traversal flaw that affects the Windows version of WinRAR and allows the attackers to execute arbitrary code by crafting malicious archive files. A path traversal vulnerability, also known as a directory traversal vulnerability, is a type of security flaw that allows attackers to access files and directories they should not be able to reach.
Read more…
Source: Malwarebytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- More pre-installed malware has been found in budget US smartphones
July 9, 2020
Pre-installed malware has been discovered on another budget handset connected to Assurance Wireless by Virgin Mobile. Back in January, cybersecurity researchers from Malwarebytes discovered unremovable malware bundled with the Android operating systems on the Unimax (UMX) U686CL, a low-end handset sold by Assurance Wireless as part of the Lifeline Assistance program, a 1985 US initiative which subsidizes telephone services for ...
- New Mirai Variant Expands Arsenal, Exploits CVE-2020-10173
July 8, 2020
Researchers at Trend Micro discovered a new Mirai variant (detected as IoT.Linux.MIRAI.VWISI) that exploits nine vulnerabilities, most notable of which is CVE-2020-10173 in Comtrend VR-3033 routers which we have not observed exploited by past Mirai variants. This discovery is a new addition to the Mirai variants that appeared in the past few months, that include SORA, UNSTABLE, and Mukashi. The case, ...
- 15 Billion Credentials Currently Up for Grabs on Hacker Forums
July 8, 2020
Fifteen billion usernames and passwords for a range of internet services are currently for sale on underground forums – shedding light on the sheer scope of compromised credentials that are fueling account takeovers on the internet. A report released Wednesday — “From Exposure to Takeover” by the Digital Shadows Photon Research Team — found that 100,000 separate data ...
- Patch Now: F5 Vulnerability with CVSS 10 Severity Score
July 7, 2020
F5 Networks, a provider of networking devices and services, urges users to patch their BIG-IP networking systems as soon as possible, after the provider disclosed two vulnerabilities. First of these is CVE-2020-5902, a critical remote code execution (RCE) vulnerability found in BIG-IP device’s Traffic Management User Interface (TMUI). CVE-2020-5902 received a 10 out of 10 score on the Common ...
- ‘Keeper’ hacking group behind hacks at 570 online stores
July 7, 2020
A hacking group known as “Keeper” is responsible for security breaches at more than 570 online e-commerce portals over the last three years. The Keeper gang broke into online store backends, altered their source code, and inserted malicious scripts that logged payment card details entered by shoppers in checkout forms. These types of attacks are what the ...
- German authorities seize ‘BlueLeaks’ server that hosted data on US cops
July 7, 2020
German authorities have seized today a web server that hosted BlueLeaks, a website that provided access to internal documents stolen from US police departments. The server belonged to DDoSecrets (Distributed Denial of Secrets), an activist group that published the files last month, in mid-June. The server seizure was announced today by investigative journalist Emma Best, one of ...