High-severity WinRAR 0-day exploited for weeks by 2 groups


Exploits allow for persistent backdooring when targets open booby-trapped archive.

By July 24, ESET determined that the behavior was linked to the exploitation of an unknown vulnerability in WinRAR, a utility for compressing files that has an installed base of about 500 million. “By exploiting a previously unknown zero-day vulnerability in WinRAR, the RomCom group has shown that it is willing to invest serious effort and resources into its cyberoperations,” ESET’s Anton Cherepanov, Peter Strýček, and Damien Schaeffer wrote.

Dan Goodin is Senior Security Editor at Ars Technica, where he oversees coverage of malware, computer espionage, botnets, hardware hacking, encryption, and passwords.

Or read this on ArsTechnica
