Multiple Threats Exploit WinRAR Zero-Day in Global Attacks

TL;DR Summary
A critical zero-day vulnerability in WinRAR has been actively exploited for weeks by two Russian cybercrime groups, RomCom and Paper Werewolf, through malicious archives in phishing attacks. The vulnerability, CVE-2025-8088, was exploited to plant malicious files and was patched within six days of discovery, highlighting the sophistication and resource investment of the attackers.
- High-severity WinRAR 0-day exploited for weeks by 2 groups (Ars Technica)
- Update WinRAR tools now: RomCom and others exploiting zero-day vulnerability (WeLiveSecurity)
- WinRAR zero-day exploited to plant malware on archive extraction (BleepingComputer)
- Russian Hackers Exploited WinRAR Zero-Day in Attacks on Europe, Canada (SecurityWeek)
- ⚡ Weekly Recap: BadCam Attack, WinRAR 0-Day, EDR Killer, NVIDIA Flaws, Ransomware Attacks & More (The Hacker News)