WinRAR Zero-Day Under Active Exploitation — Update to Version 7.13 Now!
1 min read
Summary
A recently discovered zero-day vulnerability is being actively exploited by a Russia-linked hacking group called Paper Werewolf (also known as GOFFEE).
The bug, tracked as CVE-2025-8088, allows malicious files to be placed on users’ systems, which can then be used by hackers to run malware without being detected.
WinRAR has released an emergency update to fix the issue.
The vulnerability comes after a similar bug was discovered in November 2022, which was also being exploited by the same hacking group.
This latest issue affects the Windows version of WinRAR, specifically when the software is used to extract files from a malicious RAR archive.
Malware can then be placed in sensitive system locations, such as the Windows Startup folder, allowing the attacker to hijack the machine.
With the ongoing war in Ukraine, attacks by Russia-linked groups are being monitored closely by researchers.