Urgent Update Needed for WinRAR Due to Active Exploit Fearing Job Application Documents
Security/Software

Urgent Update Needed for WinRAR Due to Active Exploit Fearing Job Application Documents

A zero-day vulnerability in WinRAR is reportedly being exploited by hackers masquerading as job application documents.

There’s a sense of nostalgia tied to the WinRAR logo, but recent news of a significant zero-day vulnerability is causing concern. ESET Research announced that this exploit, labeled CVE-2025-8088, identified in July by the cybersecurity firm, is being used by a hacker group with ties to Russia, known as RomCom. The attack is reportedly disguised as job applications sent via .rar files.

The exploit was addressed in the latest WinRAR release, version 7.13. The changelog notes a risk where certain file paths could be manipulated through carefully crafted archives.

For those who frequently use WinRAR, updating to the latest version is highly recommended given the potential for exploitation, especially since recent spear phishing tactics have been reported where CVs in .rar format are being used to deceive targets.

Translation: La vulnerabilidad se está utilizando en campañas de phishing, donde se envían archivos CV en formato .rar a las víctimas potenciales.

Next article

Creative Director Discusses Balancing Marvel Rivals' DPS Roster

Newsletter

Get the most talked about stories directly in your inbox

Every week we share the most relevant news in tech, culture, and entertainment. Join our community.

Your privacy is important to us. We promise not to send you spam!