Google Warns of Active Exploitation of WinRAR Vulnerability CVE-2025-8088

Google on Tuesday revealed that multiple threat actors, including nation-state adversaries and financially motivated groups, are exploiting a now-patched critical security flaw in RARLAB WinRAR to establish initial access and deploy a diverse array of payloads. "Discovered and patched in July 202...

PT-2025-32352

Name of the Vulnerable Software and Affected Versions WinRAR versions 6.0 through 7.01 WinRAR versions prior to 7.13 Description A path traversal issue exists in the Windows version of WinRAR due to improper limitation of a pathname to a restricted directory. The archive parser fails to sanitize...