WinRAR zero-day exploited in espionage attacks against high-value targets

8 months ago 85
Emergency Loans for business funding and personal get updated jobs at bestpiecejob.co.za Work From Home - Earn Something By Just Working At Home

Video

The attacks used spearphishing campaigns to target financial, manufacturing, defense, and logistics companies in Europe and Canada, ESET research finds

Editor

11 Aug 2025

ESET researchers have uncovered a previously unknown vulnerability in WinRAR, actively being exploited by Russia-aligned group RomCom. Tracked as CVE-2025-8088, the path traversal flaw affects WinRAR's Windows version and lets threat actors execute arbitrary code by crafting malicious archive files. This marks at least the third time RomCom has leveraged a significant zero-day bug to conduct its operations, which underscores the group’s willingness to invest serious resources into its campaigns.

Meanwhile, if you use WinRAR, you should update to the tool's latest version (version 7.13) as soon as possible, if you haven't already.

What else is there to know about the attacks? Find out in the video from ESET Chief Security Evangelist Tony Anscombe and make sure to read the blogpost, too!

Connect with us on Facebook, XLinkedIn and Instagram.

Let us keep you
up to date

Sign up for our newsletters

Read Entire Article
  1. Homepage
  2. International
  3. WinRAR zero-day exploited in espionage attacks against high-value targets

Related

How NIST's Cutback of CVE Handling Impacts Cyber Teams

How NIST's Cutback of CVE Handling Impacts Cyber Teams

14 hours ago 6
Tycoon 2FA Phishers Scatter, Adopt Device Code Phishing

Tycoon 2FA Phishers Scatter, Adopt Device Code Phishing

15 hours ago 6
Every Old Vulnerability Is Now an AI Vulnerability

Every Old Vulnerability Is Now an AI Vulnerability

19 hours ago 7
Coast Guard's New Cybersecurity Rules Offers Lessons for CISOs

Coast Guard's New Cybersecurity Rules Offers Lessons for CIS...

21 hours ago 7
Singer loses life savings to fake wallet downloaded from the Apple App Store

Singer loses life savings to fake wallet downloaded from the...

23 hours ago 14
That data breach alert might be a trap

That data breach alert might be a trap

1 day ago 3
Here's What Agentic AI Can Do With Have I Been Pwned's APIs

Here's What Agentic AI Can Do With Have I Been Pwned's APIs

1 day ago 8
NIST Revamps CVE Framework to Focus on High-Impact Vulnerabilities

NIST Revamps CVE Framework to Focus on High-Impact Vulnerabi...

1 day ago 8
North Korea Uses ClickFix to Target macOS Users' Data

North Korea Uses ClickFix to Target macOS Users' Data

1 day ago 11
'Harmless' Global Adware Transforms Into an AV Killer

'Harmless' Global Adware Transforms Into an AV Killer

1 day ago 10
Emergency Loans for business funding and personal Work From Home - Earn Something By Just Working At Home buy or sell