WinRAR zero-day exploited in espionage attacks against high-value targets

The attacks used spearphishing campaigns to target financial, manufacturing, defense, and logistics companies in Europe and Canada, ESET research finds

ESET researchers have uncovered a previously unknown vulnerability in WinRAR that is being actively exploited by the Russia-aligned group RomCom. Tracked as CVE-2025-8088, the path traversal flaw affects WinRAR’s Windows version and lets threat actors execute arbitrary code by crafting malicious archive files. This marks at least the third time RomCom has leveraged a significant zero-day bug to conduct its operations, which underscores the group’s willingness to invest serious resources into its campaigns.

If you use WinRAR and haven’t already updated, you should move to the tool’s latest version (version 7.13) as soon as possible.

What else is there to know about the attacks? Find out in the video from ESET Chief Security Evangelist Tony Anscombe and make sure to read the blogpost, too!
