A new zero-day vulnerability in WinRAR (CVE-2025-8088) is being exploited by Russian state-sponsored hacking groups in targeted attacks across Europe and Canada. Users are urged to update to the latest version to prevent malware infection and system compromise.
Key points
- A critical zero-day vulnerability in WinRAR is actively being exploited in targeted attacks.
- The threat actors behind these attacks are linked to Russian foreign intelligence agencies.
- The initial infection vector involves sophisticated phishing campaigns with malicious archive files.
- Exploiting the vulnerability allows attackers to run arbitrary code and deploy the RomCom remote access Trojan.
- WinRAR has issued an emergency patch, and users are strongly advised to update immediately.