ESET warns that at least two Russian hacking groups are using the zero-day flaw in WinRAR for cyberespionage purposes.

A high-severity zero-day in the widely used WinRAR file compressor is under active exploitation by two Russian cybercrime groups. The attacks backdoor computers that open malicious archives attached ...

The maintainers of the WinRAR file archiving utility have released an update to address an actively exploited zero-day ...

Iconic archiving platform WinRAR carried a dangerous zero-day vulnerability which could have let hackers plant malware on ...

ESET Research discover a zero-day vulnerability in WinRAR being exploited in the wild in the guise of job application ...

Researchers have released a report detailing how a recent WinRAR path traversal vulnerability tracked as CVE-2025-8088 was ...

A newly discovered zero-day vulnerability in WinRAR, tracked as CVE-2025-8088, has been patched following reports of active ...

A newly discovered vulnerability in WinRAR has been exploited in the wild by the Russia-aligned cyber group RomCom. According ...

ESET researchers Anton Cherepanov, Peter Košinár and Peter Strýček identified the vulnerability. According to ESET expert ...

ESET discovers a Russian hacking group exploiting the vulnerability to deliver malware through phishing emails. WinRAR ...

WinRAR patched CVE-2025-8088, a zero-day exploited by Russia RomCom in attacks on financial, defense, manufacturing and ...

Plus, RomCom isn't the only Russia-linked crew to abuse WinRAR holes. Fancy Bear, the GRU cyber-espionage crew, previously exploited CVE-2023-38831 for large-scale phishing campaigns against ...