The assaults used spearphishing campaigns to focus on monetary, manufacturing, protection, and logistics corporations in Europe and Canada, ESET analysis finds
11 Aug 2025
ESET researchers have uncovered a beforehand unknown vulnerability in WinRAR, actively being exploited by Russia-aligned group RomCom. Tracked as CVE-2025-8088, the trail traversal flaw impacts WinRAR’s Home windows model and lets menace actors execute arbitrary code by crafting malicious archive information. This marks not less than the third time RomCom has leveraged a major zero-day bug to conduct its operations, which underscores the group’s willingness to speculate critical sources into its campaigns.
In the meantime, in the event you use WinRAR, you need to replace to the software’s newest model (model 7.13) as quickly as doable, if you have not already.
What else is there to know in regards to the assaults? Discover out within the video from ESET Chief Safety Evangelist Tony Anscombe and ensure to learn the blogpost, too!
