On July 30, 2025, WinRAR released a new version (7.13 Final) to patch a vulnerability which was used in two separate malware campaigns. WinRAR is a popular file archiving and data compression tool that allows users to compress files into smaller archives, like RAR and ZIP, and can also unpack various archive formats.
The vulnerability, tracked as CVE-2025-8088, is a path traversal flaw that affects the Windows version of WinRAR and allows the attackers to execute arbitrary code by crafting malicious archive files. A path traversal vulnerability, also known as a directory traversal vulnerability, is a type of security flaw that allows attackers to access files and directories they should not be able to reach.
Read more…
Source: Malwarebytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- BlueLeaks: Data from 200 US police departments & fusion centers published online
June 22, 2020
The files, dubbed BlueLeaks, have been published by Distributed Denial of Secrets (DDoSecrets), a group that describes itself as a “transparency collective.” The data has been made available online on a searchable portal. According to the BlueLeaks portal, the leaked data contains more than one million files, such as scanned documents, videos, emails, audio files, and more. DDoSecrets ...
- Microcin is here
June 19, 2020
In February 2020, we observed a Trojan injected into the system process memory on a particular host. The target turned out to be a diplomatic entity. What initially attracted our attention was the enterprise-grade API-like (application programming interface) programming style. Such an approach is not that common in the malware world and is mostly used ...
- Hackers use fake Windows error logs to hide malicious payload
June 19, 2020
Hackers have been using fake error logs to store ASCII characters disguised as hexadecimal values that decode to a malicious payload designed to prepare the ground for script-based attacks. The trick is part of a longer chain with intermediary PowerShell commands that ultimately delivers a script for reconnaissance purposes. MSP threat detection provider Huntress Labs discovered an attack scenario ...
- Australian PM says nation under serious state-run ‘cyber attack’ – Microsoft, Citrix, Telerik UI bugs ‘exploited’
June 19, 2020
Australian Prime Minister Scott Morrison has called a snap press conference to reveal that the nation is under cyber-attack by a state-based actor, but the nation’s infosec advice agency says that while the attacker has gained access to some systems it has not conducted “any disruptive or destructive activities within victim environments.” Morrison said the attack ...
- Forward-looking security analysis of smart factories [Part 4] – MES database compromises
June 18, 2020
If I had to describe the role of the MES (Manufacturing Execution System) in a single phrase, it would be “manufacturing playmaker.” As I mentioned in the previous column, the manufacturing process is divided into multiple layers, and the system performs a different role in each layer. The MES is at the top layer of the ...
- Why did this Bank of America phishing email bypass spam filters?
June 18, 2020
Threat actors trying to steal your credentials through phishing attackers is nothing new, and the number of campaigns has only been rising in recent times. Government estimates indicate that phishing is a multi-billion dollar industry, which is why cybersecurity companies exist that focus entirely on securing client’s inboxes from malicious email. Due to this, attackers continuously come up ...