Two threat actors, including a Russia-aligned group, exploited a zero-day vulnerability in WinRAR this summer. These attacks targeted organizations in Europe and Russia, highlighting ongoing geopolitical cyber-espionage. #CVE-2025-8088 #RomCom #PaperWerewolf #WinRAR
Key points
- Two threat actors exploited a previously unknown flaw in WinRAR, tracked as CVE-2025-8088.
- RomCom, a Russia-aligned group, targeted European and Canadian organizations using spear-phishing campaigns.
- Another group, Paper Werewolf, exploited the same WinRAR vulnerability in attacks on Russian entities.
- The WinRAR zero-day was sold on the dark web for $80,000 and patched by developers in July 2025.
- Both groups' activities suggest ongoing geopolitical espionage and cyber-espionage operations targeting key sectors.
Read More: https://therecord.media/winrar-zero-day-exploited-romcom-paper-werewolf-goffee-hackers