⚡ Weekly Recap: Apple 0-Days, WinRAR Exploit, LastPass Fines, .NET RCE, OAuth Scams & More

If you use a smartphone, browse the web, or unzip files on your computer, you are in the crosshairs this week. Hackers are currently exploiting critical flaws in the daily software we all rely on—and in some cases, they started attacking before a fix was even ready. Below, we list the urgent...

KLA85379 RCE vulnerability in WinRAR

Code execution vulnerability was found in WinRAR. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories WinRAR 7.12 Final released ZDI-25-409 CVE-2025-6218 Related products WinRAR CVE list CVE-2025-6218 critical Solution Update to the latest version Downloa...

UAC-0099 Utilizes WinRAR Exploit to Deploy LONEPAGE Malware

Summary: UAC-0099, a threat actor, has been involved in persistent attacks targeting Ukraine. These attacks leverage a critical vulnerability in WinRAR to deploy a malware strain known as LONEPAGE. Notably, the threat actor focuses on Ukrainian employees working for organizations outside of...

Exploit for Insufficient Verification of Data Authenticity in Rarlab Winrar

CVE-2023-38831-winrar-expoit-simple-Poc Very important I h...

Exploit for Absolute Path Traversal in Rarlab Winrar

This is a PoC exploit for CVE-2018-20250. The exploit targets a vulnerability in the Microsoft Visual C++ compiler, specifically in the way it handles certain types of code. The vulnerability allows for arbitrary code execution. The exploit is likely to be used to demonstrate the vulnerability an...

Elfin Hacking Group Targets Multiple U.S. and Saudi Arabian Firms

An Iran-linked cyber-espionage group that has been found targeting critical infrastructure, energy and military sectors in Saudi Arabia and the United States two years ago continues targeting organizations in the two nations, Symantec reported on Wednesday. Widely known asAPT33 , which Symantec...

Exploit for Path Traversal in Rarlab Winrar

CVE-2018-20250-WinRAR-ACE Proof of concept code in C to explo...

WinRAR 5.61 - (.lng) Denial of Service Exploit

Exploit Title: WinRAR 5.61 - Denial of Service Author: Kağan Çapar Software Link: https://win-rar.com/predownload.html?spV=true&subD=true&f=wrar561tr.exe Vendor Homepage : https://www.win-rar.com Tested Version: 5.61 32 Bit Tested on OS: Windows 10 Education 64 Bit Steps to Reproduce: Run perl...

WinRAR 1.0 - Local Buffer Overflow Exploit

No description provided by source...

WinRAR 3.30 - Filename Local Buffer Overflow (2)

WinRAR 3.30 - Filename Local Buffer Overflow 2 / IHS public source code WinRAR 3.3.0 and below local BOF exploit author : c0d3r , kaveh razavi advisory : http://www.securityfocus.com/archive/1/420679 tnx to alpha who reported the vulnerability workaround: use the lastest version special tnx to Lo...

WinRAR 1.0 Local Buffer Overflow Exploit

Exploit for unknown platform in category local exploits ======================================== WinRAR 1.0 Local Buffer Overflow Exploit ======================================== / WinRar local buffer overflow exploit V1.0 Coded By ATmaCA Copyright ? 2004 ProGroup Software, Inc...

WinRAR 1.0 - Local Buffer Overflow

/ WinRar local buffer overflow exploit V1.0 Coded By ATmaCA Copyright © 2004 ProGroup Software, Inc. E-Mail:[email protected] Web:www.prohack.net Usage:\r\nexploit Targets: 1 - WinXP SP1 user32.dll 0x77D718FC 2 - WinXP SP2 user32.dll 0x77D8AF0A Example:exploit 1 myrar.rar / / All WinRar 2.x seri...