Tag: CVE-2025-8088

Shadows in the Inbox: Ukraine’s CERT-UA Unmasks the UAC-0252 Phishing Blitz and its “PalachPro” Ties
In early 2026, malicious actors initiated a mass dissemination of emails masquerading as official communications from Ukrainian state authorities. Recipients are deceptively urged to “update mobile applications” pertinent to ubiquitous civilian and military services. Lurking beneath the veneer of these missives is a pernicious campaign that deploys a formidable arsenal of software designed to exfiltrate…

Dragon in the Archives: How “Amaranth-Dragon” Weaponized a WinRAR Zero-Day to Spy on Southeast Asia
In 2025, Southeast Asia witnessed a pronounced escalation in cyber-espionage operations, meticulously cloaked in missives pertaining to regional geopolitics and security developments. This strategic alignment with current events exponentially augments the probability that recipients will engage with deleterious attachments, thereby precipitating an infection sequence. Check Point analysts have delineated a previously undocumented cluster designated as…

The Persistence of WinRAR: Google Warns of Widespread CVE-2025-8088 Attacks
The Google Threat Intelligence Group (GTIG) has disclosed the extensive exploitation of a critical vulnerability, designated CVE-2025-8088, residing within the ubiquitous WinRAR archiving utility. Although the defect was remediated in the summer of 2025, adversaries persist in weaponizing it globally, integrating the flaw into both financially motivated incursions and state-sponsored espionage operations. The crux of…

APT-C-53 Hits Ukraine: New Attack Exploits WinRAR Flaw for Persistence
APT-C-53 has once again intensified its distribution of malicious attachments targeting organizations in Ukraine. The latest wave of attacks demonstrates that the group continues to refine its stealth-penetration toolkit and to update its initial-access techniques, pairing them with its long-established multilayered script-execution framework. According to the 360 Threat Intelligence Center, the attackers are exploiting CVE-2025-8088…

WinRAR Zero-Day (CVE-2025-8088) Exploited by RomCom Hackers, ESET Warns
The ESET research team has published a detailed analysis revealing how the cyber-espionage group RomCom exploited a previously unknown path-traversal vulnerability in WinRAR (CVE-2025-8088) to stealthily install malicious software on victims’ computers. This flaw was leveraged in zero-day attacks, meaning it remained unpatched at the time of discovery. According to ESET, exploitation in the wild…