NG Solution Team
Technology

Are espionage attacks exploiting a WinRAR zero-day vulnerability?

A newly discovered vulnerability in WinRAR is being exploited by the Russia-aligned group RomCom to conduct espionage attacks on high-value targets. These attacks, identified as CVE-2025-8088, involve spearphishing campaigns aimed at companies in the financial, manufacturing, defense, and logistics sectors across Europe and Canada. The flaw allows attackers to execute arbitrary code through specially crafted malicious archive files. This marks the third significant zero-day vulnerability exploited by RomCom, highlighting the group’s commitment to investing substantial resources in its operations. Users of WinRAR are advised to update to the latest version, 7.13, to protect against these threats. Additional insights are available in a video by ESET’s Chief Security Evangelist Tony Anscombe and a detailed blog post.

Related posts

How can you save $220 on the Galaxy Watch Ultra (2025)?

Jessica Williams

How is Sophgo contributing to China’s AI self-reliance efforts?

Michael Johnson

Who is behind the $2M Coinbase support scam?

David Jones

Leave a Comment

This website uses cookies to improve your experience. We assume you agree, but you can opt out if you wish. Accept More Info

Privacy & Cookies Policy