Latest Tech News

Stay updated with the latest in technology, AI, cybersecurity, and more

Filtered by: winrar Clear Filter

High-severity WinRAR 0-day exploited for weeks by 2 groups

news.ycombinator.com Unknown 2025-11-20 22:19:47

A high-severity zero-day in the widely used WinRAR file compressor is under active exploitation by two Russian cybercrime groups. The attacks backdoor computers that open malicious archives attached to phishing messages, some of which are personalized. Security firm ESET said Monday that it first detected the attacks on July 18, when its telemetry spotted a file in an unusual directory path. By July 24, ESET determined that the behavior was linked to the exploitation of an unknown vulnerability

Topics: attacks eset group vulnerability winrar
Read More
Shop Amazon

High-severity WinRAR 0-day exploited for weeks by 2 groups

arstechnica.com Unknown 2025-11-21 08:13:14

A high-severity zero-day in the widely used WinRAR file compressor is under active exploitation by two Russian cybercrime groups. The attacks backdoor computers that open malicious archives attached to phishing messages, some of which are personalized. Security firm ESET said Monday that it first detected the attacks on July 18, when its telemetry spotted a file in an unusual directory path. By July 24, ESET determined that the behavior was linked to the exploitation of an unknown vulnerability

Topics: attacks eset group vulnerability winrar
Read More
Shop Amazon

Details emerge on WinRAR zero-day attacks that infected PCs with malware

bleepingcomputer.com Unknown 2025-11-22 12:05:47

Researchers have released a report detailing how a recent WinRAR path traversal vulnerability tracked as CVE-2025-8088 was exploited in zero-day attacks by the Russian 'RomCom' hacking group to drop different malware payloads. RomCom (aka Storm-0978 and Tropical Scorpius) is a Russian cyberespionage threat group with a history in zero-day exploitation, including in Firefox (CVE-2024-9680, CVE-2024-49039) and Microsoft Office (CVE-2023-36884). ESET discovered that RomCom was exploiting an undoc

Topics: 2025 cve eset lnk winrar
Read More
Shop Amazon

WinRAR zero-day exploited to plant malware on archive extraction

bleepingcomputer.com Unknown 2025-11-24 06:42:02

A recently fixed WinRAR vulnerability tracked as CVE-2025-8088 was exploited as a zero-day in phishing attacks to install the RomCom malware. The flaw is a directory traversal vulnerability that was fixed in WinRAR 7.13, which allows specially crafted archives to extract files into a file path selected by the attacker. "When extracting a file, previous versions of WinRAR, Windows versions of RAR, UnRAR, portable UnRAR source code and UnRAR.dll can be tricked into using a path, defined in a spe

Topics: attacks rar romcom unrar winrar
Read More
Shop Amazon

WinRAR zero-day flaw exploited by RomCom hackers in phishing attacks

bleepingcomputer.com Unknown 2025-11-24 12:42:02

A recently fixed WinRAR vulnerability tracked as CVE-2025-8088 was exploited as a zero-day in phishing attacks to install the RomCom malware. The flaw is a directory traversal vulnerability that was fixed in WinRAR 7.13, which allows specially crafted archives to extract files into a file path selected by the attacker. "When extracting a file, previous versions of WinRAR, Windows versions of RAR, UnRAR, portable UnRAR source code and UnRAR.dll can be tricked into using a path, defined in a spe

Topics: attacks rar romcom unrar winrar
Read More
Shop Amazon

WinRAR patches bug letting malware launch from extracted archives

bleepingcomputer.com Unknown 2026-02-20 12:55:14

WinRAR has addressed a directory traversal vulnerability tracked as CVE-2025-6218 that, under certain circumstances, allows malware to be executed after extracting a malicious archive. The flaw tracked as CVE-2025-6218 and assigned a CVSS score of 7.8 (high severity), was discovered by security researcher whs3-detonator who reported it through Zero Day Initiative on June 5, 2025. It affects only the Windows version of WinRAR, from version 7.11 and older, and a fix was released in WinRAR versio

Topics: 2025 6218 cve malicious winrar
Read More
Shop Amazon

WinRAR 7.10 improves privacy with Mark-of-the-Web support

techspot.com Unknown 2025-11-09 08:38:00

WinRAR is a powerful archive manager. It can backup your data, reduce the size of email attachments, open and unpack RAR, ZIP as well as create new archives in these and other popular file formats. By consistently creating smaller archives, WinRAR is often faster than the competition. Is WinRAR free? WinRAR is available as a trial version with access to all features. After 40 days you will get a pop-up urging you to buy the license, however you can continue using the software without losing an

Topics: archive compression files rar winrar
Read More
Shop Amazon
Trending Topics
Hot Now
ai 3583 apple 2975 new 2359 google 1991 content 1710
Popular
like 1476 company 1408 pro 1305 iphone 1128 app 1113 zdnet 1094 said 1043 data 1036 does 896 reviews 882
Emerging
editorial 861 amazon 854 game 800 samsung 764 phone 756 pixel 754 android 730 just 712 available 680 users 676
About GoKawiil

GoKawiil is a project by nerdhub.co that curates technology news from trusted sources. We built this site to provide a cleaner, more mobile-friendly experience without intrusive ads or heavy JavaScript.

Privacy

Your privacy matters. GoKawiil doesn't use Google Analytics or Facebook Pixel. The only tracking occurs through affiliate links to Amazon.

Advertising

Interested in advertising? Contact us at [email protected]