WinRAR Zero-Day Exploits Lead to Widespread Malware Attacks

TL;DR Summary
Researchers revealed that the Russian RomCom hacking group exploited a previously unknown WinRAR path traversal vulnerability (CVE-2025-8088) in July 2025 to deliver malware via malicious archives; WinRAR has since released a patch. The attackers hid malicious files in alternate data streams inside the archives, and the malware executed upon archive extraction. Multiple malware families were identified. Users are advised to update WinRAR manually, as it lacks an auto-update feature.
- Details emerge on WinRAR zero-day attacks that infected PCs with malware (BleepingComputer)
- WinRAR zero-day exploited to plant malware on archive extraction (BleepingComputer)
- Update WinRAR tools now: RomCom and others exploiting zero-day vulnerability (WeLiveSecurity)
- Russian Hackers Exploited WinRAR Zero-Day in Attacks on Europe, Canada (SecurityWeek)
- ⚡ Weekly Recap: BadCam Attack, WinRAR 0-Day, EDR Killer, NVIDIA Flaws, Ransomware Attacks & More (The Hacker News)
Want the full story? Read the original article on BleepingComputer.