An unknown threat actor has released a fake proof of concept (PoC) exploit for CVE-2023-4047, a recently fixed remote code execution (RCE) vulnerability in WinRAR, to spread the VenomRAT malware. The fake WinRAR PoC On August 17, 2023, Trend Micro’s Zero Day Initiative reported the RCE vulnerability (CVE-2023-4047) that allowed threat actors to execute arbitrary code on an affected WinRAR installation. The attacker (“whalersplonk”) took the opportunity to release a fake PoC on GitHub only … More

The post Fake WinRAR PoC spread VenomRAT malware appeared first on Help Net Security.