TheRegister's platform is a leading technology news website, offering insights into IT industry news, hardware reviews, and software updates. Through articles, analysis, and opinion pieces, TheRegister offers insights into cybersecurity threats, technology trends, and industry developments. Readers can stay updated with the latest news and analysis from the world of technology and IT business.

The Register

A critical WinRAR vulnerability (CVE-2025-8088) patched in July 2025 continues to be actively exploited by multiple threat actors including Russian groups (RomCom, APT44, Temp.Armageddon, Turla), Chinese state-sponsored actors, and financially motivated cybercriminals. The path traversal flaw allows attackers to hide malware using Windows Alternate Data Streams in malicious RAR archives. Targets include Ukrainian military and government entities, commercial organizations in Indonesia, hospitality sectors, and Brazilian banking users. The exploit was initially sold on cybercrime forums for $80,000 before the patch was released.

Everyone’s exploiting a WinRAR bug to drop RATs