Diverse Threat Actors Exploiting Critical WinRAR Vulnerability CVE-2025-8088

Google Threat Intelligence Group reports widespread exploitation of CVE-2025-8088, a critical path traversal vulnerability in WinRAR patched in July 2025. State-sponsored actors from Russia and China, along with financially motivated groups, are actively exploiting this n-day vulnerability to drop malicious payloads into Show more