BeyondMachines :verified:@beyondmachines1@infosec.exchange
WinRAR vulnerability exploited in malware campaigns
WinRAR patched a vulnerability (CVE-2025-8088) that was actively exploited by Russian-linked cybercriminals through phishing emails containing malicious RAR attachments. The flaw allows attackers to achieve remote code execution by writing files to arbitrary system locations including Windows Startup folders. All WinRAR versions prior to 7.13 are affected.
If you use WinRAR, update it to version 7.13 or later from the official WinRAR, because hackers are sending malicious archive attachments and if you open them you are hacked. Also, be very careful with any RAR file attachments in emails, especially unexpected ones.
#cybersecurity #infosec #advisory #ransomware
https://beyondmachines.net/event_details/winrar-vulnerability-exploited-in-malware-campaigns-w-6-k-x-v/gD2P6Ple2L