APTs, Cybercriminals Widely Exploiting WinRAR Vulnerability
Russian and Chinese state-sponsored threat actors have been exploiting CVE-2025-8088 since July 2025.
Multiple state-sponsored threat actors and cybercrime groups have been exploiting a WinRAR vulnerability in attacks over the past six months, Google Threat Intelligence Group (GTIG) warns.
Tracked as CVE-2025-8088, the high-severity bug was patched on July 30, after being exploited in the wild as a zero-day by the Russia-linked hacking group named RomCom (also known as Storm-0978, Tropical Scorpius, and UNC2596).
The issue is described as a path traversal flaw in WinRAR for Windows that can be abused for arbitrary code execution using crafted archive files.
Source: https://www.securityweek.com/apts-cybercriminals-widely-exploiting-winrar-vulnerability/
