660 matches found
WinRAR Flaw Exploited by Russia-Aligned Groups to Deploy Stealers in Ukraine
Two Russia-aligned cyber attack campaigns have continued to exploit a security flaw in WinRAR to target Ukrainian organisations, almost a year after patches for the vulnerability were released. The activity has been attributed by Trend Micro to Earth Dahu aka Gamaredon and SHADOW-EARTH-066 aka...
Old WinRAR Flaw Fuels Attacks on Ukraine: How Unmanaged Software Keeps the Door Open
Two separate Russia-aligned campaigns are still exploiting the WinRAR flaw CVE-2025-8088 against Ukrainian organizations nearly a year after it was patched, showing how unmanaged software keeps an exploited entry point open long after the fix ships...
Gamaredon Exploits WinRAR to Deliver GammaWorm and GammaSteel Against Ukraine
The Russian hacking group known as Gamaredon has been attributed to the continued exploitation of a WinRAR vulnerability to deliver multiple malware families aimed at data theft and propagation. Per Sekoia, the activity involves the weaponization of CVE-2025-8088, a path traversal flaw in WinRAR,...
Astra Linux – Vulnerability in unrar-nonfree
RARLAB WinRAR Recovery Volume: Improper validation of array index leads to remote code execution vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability, as the targe...
EUVD-2019-20089
WinRAR 5.61 contains a denial of service vulnerability that allows local attackers to crash the application by placing a malformed winrar.lng language file in the installation directory. Attackers can trigger the crash by opening an archive and pressing the test button, causing an access violatio...
CVE-2019-25677
WinRAR 5.61 contains a denial of service vulnerability that allows local attackers to crash the application by placing a malformed winrar.lng language file in the installation directory. Attackers can trigger the crash by opening an archive and pressing the test button, causing an access violatio...
CVE-2019-25677 WinRAR 5.61 Denial of Service via Malformed Language File
WinRAR 5.61 contains a denial of service vulnerability that allows local attackers to crash the application by placing a malformed winrar.lng language file in the installation directory. Attackers can trigger the crash by opening an archive and pressing the test button, causing an access violatio...
CVE-2019-25677 WinRAR 5.61 Denial of Service via Malformed Language File
WinRAR 5.61 contains a denial of service vulnerability that allows local attackers to crash the application by placing a malformed winrar.lng language file in the installation directory. Attackers can trigger the crash by opening an archive and pressing the test button, causing an access violatio...
CVE-2019-25677
WinRAR 5.61 contains a denial of service vulnerability that allows local attackers to crash the application by placing a malformed winrar.lng language file in the installation directory. Attackers can trigger the crash by opening an archive and pressing the test button, causing an access violatio...
CVE-2019-25677
WinRAR 5.61 is affected by a local-denial-of-service vulnerability caused by a malformed winrar.lng language file in the installation directory. When a user opens an archive and clicks the Test button, the program may crash due to an access violation at memory address 004F1DB8 while reading inval...
WinRAR 安全漏洞
WinRAR is a file compressor developed by the WinRAR company. This product supports compression and decompression of files in formats such as RAR and ZIP. Version 5.61 of WinRAR contained a security vulnerability, which was caused by a denial-of-service attack. This vulnerability could allow local...
PT-2026-30485
WinRAR 5.61 contains a denial of service vulnerability that allows local attackers to crash the application by placing a malformed winrar.lng language file in the installation directory. Attackers can trigger the crash by opening an archive and pressing the test button, causing an access violatio...
Exploit for Path Traversal in Rarlab Winrar
POC f...
New XWorm 7.1 and Remcos RAT Attacks Abuse Windows Tools to Evade Detection
New XWorm 7.1 and Remcos RAT campaigns abuse trusted Windows tools to evade detection. The attacks exploit a WinRAR flaw and use process hollowing to spy on victims...
Exploit for Path Traversal in Rarlab Winrar
CVE-2025-8088 CVE-2025-8088 — Educational proof-of-concept for...
Exploit for Path Traversal in Rarlab Winrar
RedFramework Фреймворк для исследования методов постэксплу...
Exploit for Path Traversal in Rarlab Winrar
CVE-2025-8088 Explotación WinRAR Herramienta avanzada de...
Exploit for Path Traversal in Rarlab Winrar
CVE-2025-8088 Este repositorio contiene un generador de archiv...
China-Linked Amaranth-Dragon Exploits WinRAR Flaw in Espionage Campaigns
Threat actors affiliated with China have been attributed to a fresh set of cyber espionage campaigns targeting government and law enforcement agencies across Southeast Asia throughout 2025. Check Point Research is tracking the previously undocumented activity cluster under the moniker...
Hackers Still Using Patched WinRAR Flaw for Malware Drops, Warns Google
The Google Threat Intelligence Group GTIG warns that nation-state actors and financially motivated threat actors are exploiting a…...