WinRAR Flaw Exploited by Russia-Aligned Groups to Deploy Stealers in Ukraine

Two Russia-aligned threat groups, Earth Dahu (Gamaredon) and SHADOW-EARTH-066 (UAC-0226), continue to exploit a patched WinRAR vulnerability (CVE-2025-8088) to target Ukrainian organizations nearly a year after fixes were released. The campaigns leverage a path traversal flaw to deploy information-stealing malware against Ukrainian entities, demonstrating persistent targeting despite available sec

Two Russia-aligned cyber attack campaigns have continued to exploit a security flaw in WinRAR to target Ukrainian organisations, almost a year after patches for the vulnerability were released. The activity has been attributed by Trend Micro to Earth Dahu (aka Gamaredon) and SHADOW-EARTH-066 (aka UAC-0226). It involves the exploitation of CVE-2025-8088, a path traversal flaw that allows an

Originally published at thehackernews.com

#Apt #Cybersecurity #Geopolitical-Threats #Malware #Vulnerabilities #Vulnerability Management

WinRAR Flaw Exploited by Russia-Aligned Groups to Deploy Stealers in Ukraine

Talk to an architect about applying this to your stack.

More from the journal

Researchers Build Self-Replicating AI Worm That Operates Entirely on Local, Open-Weight Models

The Hidden Security Risk in Modern Networks: The Work Between Tools

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer