The assaults used spearphishing campaigns to focus on monetary, manufacturing, protection, and logistics corporations in Europe and Canada, ESET analysis finds
11 Aug 2025
ESET researchers have uncovered a beforehand unknown vulnerability in WinRAR, actively being exploited by Russia-aligned group RomCom. Tracked as CVE-2025-8088, the trail traversal flaw impacts WinRAR’s Home windows model and lets menace actors execute arbitrary code by crafting malicious archive information. This marks a minimum of the third time RomCom has leveraged a major zero-day bug to conduct its operations, which underscores the group’s willingness to speculate severe sources into its campaigns.
In the meantime, in case you use WinRAR, it is best to replace to the device’s newest model (model 7.13) as quickly as potential, if you have not already.
What else is there to know in regards to the assaults? Discover out within the video from ESET Chief Safety Evangelist Tony Anscombe and ensure to learn the blogpost, too!
