New Amaranth Dragon cyberespionage group exploits WinRAR flaw

A new threat actor called Amaranth Dragon, linked to APT41 state-sponsored Chinese operations, exploited the CVE-2025-8088 ...

Google says a WinRAR exploit for Windows is in 'widespread' use by government-backed threat actors 'linked to Russia and China'

Google has warned that well-known and already-patched exploit for the WinRAR file archiving and compression tool for Windows remains in "widespread, active" use by "government-backed threat actors ...

WinRAR path traversal flaw still exploited by numerous hackers

Multiple threat actors, both state-sponsored and financially motivated, are exploiting the CVE-2025-8088 high-severity ...
IEEE

IEEE Communications Surveys and Tutorials

Abstract: I welcome you to the fourth issue of the IEEE Communications Surveys and Tutorials in 2021. This issue includes 23 papers covering different aspects of communication networks. In particular, ...
heise online

WinRAR: Code smuggling vulnerability is being attacked

A security vulnerability in the WinRAR compression program, present until version 7.12 Beta 1, allows attackers to inject malicious code. Attacks exploiting this vulnerability have now been observed.
The Hacker News

Warning: WinRAR Vulnerability CVE-2025-6218 Under Active Attack by Multiple Threat Groups

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a security flaw impacting the WinRAR file archiver and compression utility to its Known Exploited Vulnerabilities (KEV ...