Skip to main content
Login
institutional access

You are connecting from
Lake Geneva Public Library,
please login or register to take advantage of your institution's Ground News Plan.

Published loading...Updated

WinRAR Zero-Day Was Exploited by Two Threat Actors (CVE-2025-8088) - Help Net Security

Summary by Help Net Security
The RomCom attackers aren’t the only ones that have been leveraging the newly unveiled WinRAR vulnerability (CVE-2025-8088) in zero-day attacks: according to Russian cybersecurity company BI.ZONE, a group tracked as Paper Werewolf has been using it to target Russian organizations. BI.ZONE researchers may have also uncovered how RomCom and Paper Werewolf got their hands on the same exploit: it looks like it may have been offered for sale on a cyb…
DisclaimerThis story is only covered by news sources that have yet to be evaluated by the independent media monitoring agencies we use to assess the quality and reliability of news outlets on our platform. Learn more here.

13 Articles

Windows CentralWindows Central

Russian-Linked Hackers Are Exploiting a WinRAR Flaw — Here’s How to Stay Safe

A critical flaw in WinRAR (CVE-2025-8088) is under active attack by Russian-linked hackers. Update to version 7.13 now as WinRAR won't do it for you

Read Full Article
pcgamerpcgamer

Still using WinRAR? It might be time for an update, as a zero-day vulnerability is being 'exploited in the wild in the guise of job application documents'

WinArrrrgh.

Read Full Article
techrights.orgtechrights.org

Techrights — Links 12/08/2025: WinRAR Zero-Day, SonicWall Does More Harm Than Good

Links for the day

Read Full Article
Help Net SecurityHelp Net Security

WinRAR zero-day was exploited by two threat actors (CVE-2025-8088) - Help Net Security

The RomCom attackers aren’t the only ones that have been leveraging the newly unveiled WinRAR vulnerability (CVE-2025-8088) in zero-day attacks: according to Russian cybersecurity company BI.ZONE, a group tracked as Paper Werewolf has been using it to target Russian organizations. BI.ZONE researchers may have also uncovered how RomCom and Paper Werewolf got their hands on the same exploit: it looks like it may have been offered for sale on a cyb…

Read Full Article
WebProNewsWebProNews

WinRAR Zero-Day CVE-2025-8088 Exploited by Russian Hackers – Update Now

In the shadowy world of cyber espionage, a seemingly innocuous file compression tool has once again become a gateway for sophisticated attacks. Security researchers have uncovered that a high-severity zero-day vulnerability in WinRAR, the popular archiving software used by millions worldwide, has been exploited for weeks by at least two distinct hacking groups. This flaw, now tracked as CVE-2025-8088, allows attackers to manipulate file paths du…

Read Full Article
DataconomyDataconomy

ESET: Update WinRAR now, it’s vulnerable

ESET identified active exploitation of a WinRAR zero-day vulnerability (CVE-2025-8088) by two Russian cybercrime groups, RomCom and Paper Werewolf, with initial detection on July 18 and subsequent notification to WinRAR developers on July 24, leading to a fix six days later. On July 18, ESET’s telemetry systems recorded an unusual file path, triggering an investigation. By July 24, ESET had determined that this anomalous activity stemmed from th…

Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • There is no tracked Bias information for the sources covering this story.

Factuality 

To view factuality data please Upgrade to Premium

Ownership

To view ownership data please Upgrade to Vantage

EuropaWire.eu broke the news in on Monday, August 11, 2025.
Sources are mostly out of (0)

Similar News Topics

Technology icon

Technology

News
For You
SearchBlindspotLocal