ESET research reveals spearphishing attacks targeting financial, manufacturing, defense, and logistics companies in Europe and Canada
11 Aug 2025
ESET researchers have discovered a new vulnerability in WinRAR exploited by the Russia-aligned group RomCom. Identified as CVE-2025-8088, this flaw in WinRAR’s Windows version allows threat actors to execute arbitrary code through specially crafted archive files. RomCom has previously used significant zero-day vulnerabilities for their operations, demonstrating their commitment to sophisticated attacks.
If you are a WinRAR user, it is crucial to update to the latest version (version 7.13).
Learn more about these attacks in the video featuring ESET Chief Security Evangelist Tony Anscombe and read the accompanying blogpost for additional insights.
Stay connected with us on Facebook, X, LinkedIn, and Instagram.
