[ad_1]
The assaults used spearphishing campaigns to focus on monetary, manufacturing, protection, and logistics corporations in Europe and Canada, ESET analysis finds
11 Aug 2025
ESET researchers have uncovered a beforehand unknown vulnerability in WinRAR, actively being exploited by Russia-aligned group RomCom. Tracked as CVE-2025-8088, the trail traversal flaw impacts WinRAR’s Windows model and lets risk actors execute arbitrary code by crafting malicious archive recordsdata. This marks no less than the third time RomCom has leveraged a big zero-day bug to conduct its operations, which underscores the group’s willingness to speculate severe assets into its campaigns.
Meanwhile, in the event you use WinRAR, you must replace to the software’s newest model (model 7.13) as quickly as attainable, if you have not already.
What else is there to know concerning the assaults? Find out within the video from ESET Chief Security Evangelist Tony Anscombe and ensure to learn the blogpost, too!