WinRAR released a security patch to address a vulnerability allowing attackers to hijack user extraction processes and plant malicious files in unintended system locations. Tracked as CVE-2025-8088, the vulnerability has a high severity rating with a CVSS score of 8.4. Anton Cherepanov, Peter Kosinar, and Peter Strycek from ESET discovered and reported the vulnerability to … Continue reading “WinRAR Path Traversal Vulnerability Exploited in the Wild (CVE-2025-8088)”
Tag: WinRAR
Threat Actors Exploit WinRAR Zero-day Vulnerability in Attacks Targeting Crypto Accounts (CVE-2023-38831)
The threat actors are exploiting a zero-day vulnerability in WinRAR to install malware. Tracked as CVE-2023-38831, the vulnerability may allow threat actors to hide malicious code in zip archives posing as “.jpg,” “.txt,” and other file formats. In addition, the vulnerability may also allow the threat actors to go ahead and distribute this code in … Continue reading “Threat Actors Exploit WinRAR Zero-day Vulnerability in Attacks Targeting Crypto Accounts (CVE-2023-38831)”