PCMag on MSN

Hackers still exploiting WinRAR flaw even though fix was released 6 months ago

WinRAR doesn't have an auto-update function, meaning PCs are vulnerable until you manually update. The bug is still being ...

Google warns that a well-known exploit for WinRAR is still in widespread use by Russian and Chinese threat actors

Download WinRAR version 7.13 immediately!

WinRAR under attack by state-level hackers, according to Google

A flaw that was patched six months ago is still being used by hackers aligned with Russia and China, among others.
The Hacker News

Google Warns of Active Exploitation of WinRAR Vulnerability CVE-2025-8088

Google confirms nation-state and cybercrime groups exploit a patched WinRAR flaw to gain persistence and deploy malware via ...
Ars Technica

WinRAR 0-day that uses poisoned JPG and TXT files under exploit since April

A newly discovered zero-day in the widely used WinRAR file-compression program has been exploited for four months by unknown attackers who are using it to install malware when targets open ...
Ars Technica

Nasty code-execution bug in WinRAR threatened millions of users for 14 years

WinRAR, a Windows file compression program with 500 million users worldwide, recently fixed a more than 14-year-old vulnerability that made it possible for attackers to execute malicious code when ...

WinRAR path traversal flaw still exploited by numerous hackers

Multiple threat actors, both state-sponsored and financially motivated, are exploiting the CVE-2025-8088 high-severity ...
Threat Post

19-Year-Old WinRAR Flaw Plagues 500 Million Users

Users of the popular file-compression tool are urged to immediately update after a serious code-execution flaw was found in WinRAR. Popular Windows data compression tool WinRAR has patched a serious ...
Computerworld

Critical flaw puts 500 million WinRAR users at risk of being pwned by unzipping a file

500 million, yes half a billion, WinRAR users are at risk of being pwned thanks to a critical flaw that could allow hackers to take control of victims’ computers. Vulnerability Lab, via the Full ...
TechSpot

Remote code execution vulnerability found in older versions of WinRAR, update it now

In brief: Last week, a researcher discovered a vulnerability in older trial versions of the WinRAR file compression software. It allows for remote code execution---essentially allowing an attacker to ...