Alerts
Events
DCR
Explore Cyware Products
Alerts
Events
DCR
Go to listing page
WinRAR zero-day exploited to plant malware on archive extraction
Malware and Vulnerabilities
August 11, 2025
bleepingcomputer
A critical 0-day vulnerability in WinRAR, tracked as CVE-2025-8088, was actively exploited by the RomCom threat actor group in phishing campaigns. The flaw, a directory traversal vulnerability, allows attackers to extract files into arbitrary paths.
Read More
WinRAR zero-day
CVE-2025-8088
RomCom Group
Publisher
Previous
ReVault! When your SoC turns against you… deep dive edi ...
Malware and Vulnerabilities
Next
The inside story of the Telemessage saga
Breaches and Incidents
/https://cyware-ent.s3.amazonaws.com/public_image/talosintelligence7a9d909c-7f13-4ce1-86cf-517990b78972.jpg)
/https://cyware-ent.s3.amazonaws.com/public_image/theregisterc3bfc57d-ff43-4b6c-b14f-d98421848dfa.jpg)
