The “Unzip” of Death: Why Using Your Old WinRAR Is a Dangerous Trap
Two critical WinRAR vulnerabilities (CVE-2025-6218 and CVE-2025-8088) are being actively exploited by Russian cybercrime groups including RomCom (Storm-0978) and Paper Werewolf. The attack vector involves malicious RAR archives disguised as job application CVs that use Windows Alternate Data Streams and a path traversal exploit to silently plant backdoor scripts in the Windows Startup folder. Version 7.12 only patches the first flaw; users must update to version 7.13 or higher to be protected against both vulnerabilities. CISA added CVE-2025-6218 to its Known Exploited Vulnerabilities catalog in December 2025.
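A defender-side check for the exposure summarized above, added here as an example and not taken from the article: it reports whether an installed WinRAR is at or above the 7.13 threshold and lists recent files in the Startup folders for review. The default install paths, the use of the executable's version resource, and the 30-day window are assumptions.

```powershell
# Added example (not from the article). Assumptions: default install paths,
# WinRAR.exe's version resource matches the release number, 30-day review window.
$fixedBoth = [version]'7.13'   # per the summary: 7.13 or higher covers both CVEs
$fixedOne  = [version]'7.12'   # per the summary: 7.12 only patches CVE-2025-6218

$candidates = @(
    "$env:ProgramFiles\WinRAR\WinRAR.exe",
    "${env:ProgramFiles(x86)}\WinRAR\WinRAR.exe"
) | Where-Object { Test-Path -LiteralPath $_ }

if (-not $candidates) { Write-Output 'WinRAR.exe not found in the default locations.' }

foreach ($exe in $candidates) {
    $info = (Get-Item -LiteralPath $exe).VersionInfo
    # Use the numeric parts so strings such as "7.13.0" need no parsing.
    $ver = [version]::new($info.FileMajorPart, $info.FileMinorPart)

    $status = if ($ver -ge $fixedBoth) {
        'At or above 7.13'
    } elseif ($ver -eq $fixedOne) {
        '7.12: CVE-2025-8088 still unpatched, update to 7.13 or higher'
    } else {
        'Below 7.12: update to 7.13 or higher'
    }

    [pscustomobject]@{ Path = $exe; Version = $ver; Status = $status }
}

# The summary describes scripts planted in the Windows Startup folder,
# so list recently created or modified files there for manual review.
$startupDirs = @(
    [Environment]::GetFolderPath('Startup'),        # current user
    [Environment]::GetFolderPath('CommonStartup')   # all users
) | Where-Object { $_ -and (Test-Path -LiteralPath $_) }

$since = (Get-Date).AddDays(-30)

if ($startupDirs) {
    Get-ChildItem -LiteralPath $startupDirs -File -Force -ErrorAction SilentlyContinue |
        Where-Object { $_.CreationTime -ge $since -or $_.LastWriteTime -ge $since } |
        Sort-Object CreationTime |
        Select-Object FullName, CreationTime, LastWriteTime, Length
}
```

Portable or relocated copies of WinRAR are not covered by the default paths, so add their locations to `$candidates` when auditing a machine that has them.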
Table of contents
We ignored the license pop-up for 20 years. Now, hackers are selling an $80,000 exploit that weaponizes the “Extract Here” button.
The “Fake Job Interview” Trap
How the “Invisible” Backdoor Works
Who Is Attacking You?
The “Double” Trap: Why Updating Once Isn’t Enough
The Fix (Do It Now)