The Hacker News

China-Linked Amaranth-Dragon Exploits WinRAR Flaw in Espionage Campaigns

China-linked Amaranth-Dragon and Mustang Panda target Southeast Asian governments using WinRAR exploit and PlugX phishing ...

WinRAR path traversal flaw still exploited by numerous hackers

Multiple threat actors, both state-sponsored and financially motivated, are exploiting the CVE-2025-8088 high-severity ...

New Amaranth Dragon cyberespionage group exploits WinRAR flaw

A new threat actor called Amaranth Dragon, linked to APT41 state-sponsored Chinese operations, exploited the CVE-2025-8088 ...

Everybody is WinRAR phishing, dropping RATs as fast as lightning

Russians, Chinese spies, run-of-the-mill crims … Come one, come all. Everyone from Russian and Chinese government goons to ...

WinRAR under attack by state-level hackers, according to Google

A flaw that was patched six months ago is still being used by hackers aligned with Russia and China, among others.
The Hacker News

Google Warns of Active Exploitation of WinRAR Vulnerability CVE-2025-8088

Google confirms nation-state and cybercrime groups exploit a patched WinRAR flaw to gain persistence and deploy malware via ...
PCMag Australia

Hackers Still Exploiting WinRAR Flaw Even Though Fix Was Released 6 Months Ago

WinRAR doesn't have an auto-update function, meaning PCs are vulnerable until you manually update. The bug is still being ...
LinuxInsider

Weaponized Python and Linux Malware Target Executives and Cloud Systems

Two malware campaigns weaponize open-source software to target executives and cloud systems, combining social engineering ...
MUO on MSN

I ditched WinRAR for this open-source tool and it's not 7-Zip

All the power of 7-Zip, without the 2005 vibes.
Cybernews

WinRAR flaw used against Ukraine now fueling global cybercrime, Google warns

Google Threat Intelligence warns that a critical flaw in the widely used file-compression tool WinRAR is being actively ...

Microsoft may give your encryption key to law enforcement upon valid request - here's how to keep it safe

Microsoft may give your encryption key to law enforcement upon valid request - here's how to keep it safe ...
MUO on MSN

I use this clever workaround to lock files and folders on my PC

I did not download a file locker. I repurposed a tool I already had.