
WinRAR Zero-Day Exploits Lead to Widespread Malware Attacks
Researchers revealed that the Russian RomCom hacking group exploited a previously unknown WinRAR path traversal vulnerability (CVE-2025-8088) in July 2025 to deliver malware via malicious archives, which led WinRAR to release a patch. The attack involved hiding malicious files in alternate data streams and executing malware upon archive extraction, and multiple malware families were identified. Users are advised to update WinRAR manually, as it lacks an auto-update feature.