WinRAR

WinRAR MotW bypass flaw fixed, update ASAP (CVE-2025-31334)

Don't miss, Hot stuff, News, vulnerability, Windows, WinRAR /

WinRAR MotW bypass flaw fixed, update ASAP (CVE-2025-31334) 2025-04-07 at 14:36 By Zeljka Zorz WinRAR users, upgrade your software as soon as possible: a vulnerability (CVE-2025-31334) that could allow attackers to bypass Windows’ Mark of the Web (MotW) security warning and execute arbitrary code on your machine has been fixed in version 7.11. About CVE-2025-31334 […]

React to this headline:

Loading spinner

WinRAR MotW bypass flaw fixed, update ASAP (CVE-2025-31334) Read More »

Three Months After Patch, Gov-Backed Actors Exploiting WinRAR Flaw

China, CVE-2023-38831, cybercrime, Malware & Threats, Nation-State, Russia, Sandworm, Vulnerabilities, WinRAR /

Three Months After Patch, Gov-Backed Actors Exploiting WinRAR Flaw 18/10/2023 at 20:55 By Ryan Naraine Google says it is still catching government-backed groups linked to China and Russia launching WinRAR exploits in targeted attacks. The post Three Months After Patch, Gov-Backed Actors Exploiting WinRAR Flaw appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Three Months After Patch, Gov-Backed Actors Exploiting WinRAR Flaw Read More »

State-sponsored APTs are leveraging WinRAR bug

APT, Don't miss, DuskRise, exploit, Google, government-backed attacks, Hot stuff, News, phishing, spear-phishing, WinRAR /

State-sponsored APTs are leveraging WinRAR bug 18/10/2023 at 18:21 By Zeljka Zorz A number of government-backed APTs are exploiting CVE-2023-38831, a file extension spoofing vulnerability in WinRAR, a widely used file archiver utility for Windows. CVE-2023-38831 has been patched in August 2023, along with another high-severity RCE vulnerability (CVE-2023-40477). Exploited as a zero-day by cybercriminals

React to this headline:

Loading spinner

State-sponsored APTs are leveraging WinRAR bug Read More »

Threat Actor deploys Mythic’s Athena Agent to target Russian Semiconductor Suppliers

APT, Athena Agent, Beacon Object Files, CVE-2023-38831, Malware, Mythic Agent, phishing, Russia, Semiconductors, spear-phishing, WhiteSnake, WinRAR /

Threat Actor deploys Mythic’s Athena Agent to target Russian Semiconductor Suppliers 10/10/2023 at 17:03 By cybleinc CRIL analyzes Mythic’s Athena Agent targeting Russian Semiconductor suppliers via spear-phishing emails. The post Threat Actor deploys Mythic’s Athena Agent to target Russian Semiconductor Suppliers appeared first on Cyble. This article is an excerpt from Cyble View Original Source

React to this headline:

Loading spinner

Threat Actor deploys Mythic’s Athena Agent to target Russian Semiconductor Suppliers Read More »

WinRAR Vulnerability Puts Illicit Content Consumers at Risk of Apanyan Stealer, Murk-Stealer & AsyncRAT

AntiVM, Apanyan Stealer, AsyncRAT, cybercrime, Malware, Murk Stealer, PowerShell Grabber, Threat Intelligence, vulnerability, WinRAR /

WinRAR Vulnerability Puts Illicit Content Consumers at Risk of Apanyan Stealer, Murk-Stealer & AsyncRAT 06/10/2023 at 16:02 By cybleinc CRIL analyses a malware campaign that targets illicit Content Consumers , with the goal of delivering Apanyan Stealer, Murk-Stealer, and AsyncRAT by exploiting WinRAR vulnerability. The post WinRAR Vulnerability Puts Illicit Content Consumers at Risk of

React to this headline:

Loading spinner

WinRAR Vulnerability Puts Illicit Content Consumers at Risk of Apanyan Stealer, Murk-Stealer & AsyncRAT Read More »

Fake WinRAR PoC spread VenomRAT malware

Don't miss, Hot stuff, Malware, News, Palo Alto Networks, PoC, vulnerability, WinRAR /

Fake WinRAR PoC spread VenomRAT malware 21/09/2023 at 13:01 By Helga Labus An unknown threat actor has released a fake proof of concept (PoC) exploit for CVE-2023-4047, a recently fixed remote code execution (RCE) vulnerability in WinRAR, to spread the VenomRAT malware. The fake WinRAR PoC On August 17, 2023, Trend Micro’s Zero Day Initiative

React to this headline:

Loading spinner

Fake WinRAR PoC spread VenomRAT malware Read More »

WinRAR patches zero-day bug that targeted stock and crypto traders

cybersecurity, exploit, hackers, Malware, vulnerability, WinRAR /

WinRAR patches zero-day bug that targeted stock and crypto traders 25/08/2023 at 08:04 By Cointelegraph By Martin Young According to cybersecurity firm Group-IB, weaponized ZIP file archives were being shared on crypto trading forums, with each one containing a nasty surprise. This article is an excerpt from Cointelegraph.com News View Original Source React to this

React to this headline:

Loading spinner

WinRAR patches zero-day bug that targeted stock and crypto traders Read More »

Traders Targeted by Cybercriminals in Attack Exploiting WinRAR Zero-Day 

cybercrime, exploited, Malware & Threats, WinRAR, Zero-Day /

Traders Targeted by Cybercriminals in Attack Exploiting WinRAR Zero-Day  24/08/2023 at 14:21 By Eduard Kovacs A financially motivated cybercrime group has exploited a WinRAR zero-day to deliver malware to traders and steal their money. The post Traders Targeted by Cybercriminals in Attack Exploiting WinRAR Zero-Day  appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Traders Targeted by Cybercriminals in Attack Exploiting WinRAR Zero-Day  Read More »

Attackers exploited WinRAR zero-day for months to steal money from brokers (CVE-2023-38831)

0-day, cybercrime, Don't miss, Group-IB, Hot stuff, News, security update, Windows, WinRAR /

Attackers exploited WinRAR zero-day for months to steal money from brokers (CVE-2023-38831) 23/08/2023 at 18:46 By Zeljka Zorz Financially-motivated attackers have exploited a zero-day vulnerability in WinRAR (CVE-2023-38831) to trick traders into installing malware that would allow them to steal money from broker accounts. “This vulnerability has been exploited since April 2023,” says Group-IB malware

React to this headline:

Loading spinner

Attackers exploited WinRAR zero-day for months to steal money from brokers (CVE-2023-38831) Read More »

WinRAR vulnerable to remote code execution, patch now! (CVE-2023-40477)

Don't miss, Hot stuff, News, security update, Trend Micro, vulnerability, Windows, WinRAR /

WinRAR vulnerable to remote code execution, patch now! (CVE-2023-40477) 21/08/2023 at 14:47 By Helga Labus RARLAB has fixed a high-severity RCE vulnerability (CVE-2023-40477) in the popular file archiver tool WinRAR. About CVE-2023-40477 A widely used Windows-only utility, WinRAR can create and extract file archives in various compression formats (RAR, ZIP, CAB, ARJ, LZH, TAR, GZip,

React to this headline:

Loading spinner

WinRAR vulnerable to remote code execution, patch now! (CVE-2023-40477) Read More »

Scroll to Top