The Hacker News

Warning: WinRAR Vulnerability CVE-2025-6218 Under Active Attack by Multiple Threat Groups

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a security flaw impacting the WinRAR file archiver and compression utility to its Known Exploited Vulnerabilities (KEV ...
TechRepublic

WinRAR Zero-Day Exploited by Russian-Linked Hackers RomCom and Paper Werewolf

WinRAR Zero-Day Exploited by Russian-Linked Hackers RomCom and Paper Werewolf Your email has been sent Cybersecurity researchers have identified an actively exploited ...
Ars Technica

High-severity WinRAR 0-day exploited for weeks by 2 groups

A high-severity zero-day in the widely used WinRAR file compressor is under active exploitation by two Russian cybercrime groups. The attacks backdoor computers that open malicious archives attached ...
theregister

Russia's RomCom among those exploiting a WinRAR 0-day in highly-targeted attacks

Russia-linked attackers found and exploited a high-severity WinRAR vulnerability before the maintainers of the Windows file archiver issued a fix. The bug, tracked as CVE-2025-8088, is a ...
Ubergizmo Feed

Time Yo Update: WinRAR 7.13 Update Fixes Critical Windows Security Vulnerability

The widely used file compression tool for Windows, WinRAR, has just released version 7.13 to address a severe security vulnerability identified as CVE-2025-8088. This flaw, discovered by ESET security ...
TechRadar

WinRAR has a serious security flaw - worrying zero-day issue lets hackers plant malware, so ...

ESET found a high-severity bug in WinRAR being used by RomCom, a known Russian hacking collective The bug was being used to deploy backdoors allowing full access to compromised computers WinRAR says ...
Bitdefender

WinRAR Zero-Day Exploit Actively Targeted in Ongoing Attacks

A newly discovered zero-day vulnerability in WinRAR, tracked as CVE-2025-8088, has been patched following reports of active exploitation in the wild. The flaw, with a CVSS severity score of 8.8, ...
WeLiveSecurity

Update WinRAR tools now: RomCom and others exploiting zero-day vulnerability

ESET Research discovered a zero-day vulnerability in WinRAR being exploited in the wild in the guise of job application documents; the weaponized archives exploited a path traversal flaw to compromise ...
SecurityWeek

Russian Hackers Exploited WinRAR Zero-Day in Attacks on Europe, Canada

WinRAR has patched CVE-2025-8088, a zero-day exploited by Russia’s RomCom in attacks on financial, defense, manufacturing and logistics companies. A Russian threat group has been observed exploiting a ...
The Hacker News

WinRAR Zero-Day Under Active Exploitation – Update to Latest Version Immediately

The maintainers of the WinRAR file archiving utility have released an update to address an actively exploited zero-day vulnerability. Tracked as CVE-2025-8088 (CVSS score: 8.8), the issue has been ...
PC World

Update WinRAR now! This security flaw leaves your PC exposed to malware

If you’re still using WinRAR, you should update to version 7.12 as soon as possible. A vulnerability labeled CVE-2025-6218 was recently discovered in older versions of the popular Windows file ...