The assaults used spearphishing campaigns to focus on monetary, manufacturing, protection, and logistics corporations in Europe and Canada, ESET analysis finds
11 Aug 2025
ESET researchers have uncovered a beforehand unknown vulnerability in WinRAR, actively being exploited by Russia-aligned group RomCom. Tracked as CVE-2025-8088, the trail traversal flaw impacts WinRAR’s Home windows model and lets menace actors execute arbitrary code by crafting malicious archive information. This marks no less than the third time RomCom has leveraged a big zero-day bug to conduct its operations, which underscores the group’s willingness to speculate severe assets into its campaigns.
In the meantime, if you happen to use WinRAR, it is best to replace to the device’s newest model (model 7.13) as quickly as doable, if you have not already.
What else is there to know in regards to the assaults? Discover out within the video from ESET Chief Safety Evangelist Tony Anscombe and ensure to learn the blogpost, too!
Join with us on Fb, X, LinkedIn and Instagram.
