Hackers Exploited a New WinRAR Flaw Before It Was Patched