WinRAR
-
Amaranth Dragon exploits WinRAR flaw to target Southeast Asian agencies
Amaranth Dragon exploited CVE-2025-8088 in WinRAR to target government and law enforcement agencies across six Southeast Asian countries from mid-2025, delivering encrypted loaders and using Cloudflare-backed command servers.
-
Multiple groups exploit WinRAR CVE-2025-8088 using Alternate Data Streams since July 2025
Multiple state-backed and criminal groups have exploited the high severity WinRAR path traversal CVE-2025-8088 since July 18, 2025. Exploits hide payloads in Alternate Data Streams and can drop persistent launchers to Startup folders.
-
CISA adds WinRAR flaw CVE-2025-6218 to known-exploited list after reported active use
CISA added a WinRAR path traversal vulnerability, CVE-2025-6218 (CVSS 7.8), to its Known Exploited Vulnerabilities catalog after reports of active exploitation by multiple threat groups; RARLAB patched the bug in WinRAR 7.12 for Windows in June 2025 and agencies are required to remediate by Dec. 30, 2025.
-
WinRAR Addresses Critical Zero-Day Vulnerability Exploited in Active Attacks
WinRAR has released an urgent update to address a critical zero-day vulnerability, CVE-2025-8088, that is actively being exploited to execute arbitrary code through malicious archive files. Users are strongly advised to upgrade to version 7.13.
-
New WinRAR Vulnerability Poses Risk of Arbitrary Code Execution
A newly disclosed vulnerability in WinRAR allows attackers to bypass essential Windows security mechanisms, enabling arbitrary code execution on affected systems, prompting urgent updates and user vigilance.
