Information security
fromTheregister
3 days agoEveryone's exploiting a WinRAR bug to drop RATs
CVE-2025-8088, a patched WinRAR path traversal flaw, continues to be exploited by state-aligned actors and criminals to deliver malware including RATs.
The agency says the activity it's seeing suggests an increasing focus on "high-value" individuals - everyone from current and former senior government, military, and political officials to civil society groups across the US, the Middle East, and Europe. In many of the campaigns, attackers delivered spyware first and asked questions later, using the foothold to deploy more payloads and deepen their access.