WinRAR under attack by state-level hackers, according to Google2026-01-28 14:08 by DanielaTags: WinRAR
Google Threat Intelligence Group warned that a diverse and growing collection of attackers, including nation-state groups and financially motivated cybercriminals, are exploiting a path-traversal vulnerability affecting WinRAR that was disclosed and patched six months ago. The high-severity vulnerability - CVE-2025-8088 - was exploited in the wild almost two weeks before RARLAB, the vendor behind the file archiver tool, addressed the vulnerability in a software update in late July. Active exploitation of the vulnerability has consistently extended to more threat groups during the past six months and remains ongoing. Google threat hunters have attributed attacks to at least three financially motivated attackers, four Russia state-sponsored groups and one attacker based in China. "Government-backed threat actors linked to Russia and China as well as financially motivated threat actors continue to exploit this n-day across disparate operations," Google said in a threat intelligence report Tuesday. Researchers did not say how many attacks are linked to the vulnerability but described the activity as widespread. Nation-state groups are consistently exploiting the defect to target victims in military, government and technology for espionage, researchers said. Groups backed by Russia are targeting Ukrainian military and government entities while the China-based attacker’s targets remain unknown. Read more -here-
Post your review/comments
rate:
avg:
|