Google warns that a well-known exploit for WinRAR is still in widespread use by Russian and Chinese threat actors

Download WinRAR version 7.13 immediately!
TweakTown

WinRAR 'high-risk' exploit discovered, make sure you update to the latest release

TL;DR: WinRAR has a critical security vulnerability (CVE-2025-6218) allowing remote code execution via directory traversal in Windows versions. This exploit risks sensitive data and system integrity.
The Hacker News

Google Warns of Active Exploitation of WinRAR Vulnerability CVE-2025-8088

Google confirms nation-state and cybercrime groups exploit a patched WinRAR flaw to gain persistence and deploy malware via ...
The Hacker News

China-Linked Amaranth-Dragon Exploits WinRAR Flaw in Espionage Campaigns

China-linked Amaranth-Dragon and Mustang Panda target Southeast Asian governments using WinRAR exploit and PlugX phishing ...
XDA Developers on MSN

Criminals are exploiting a 2025 WinRAR bug because nobody is updating their app

Or reading the warnings, apparently.
TweakTown

WinRAR version 6.23 patches up a very serious security flaw, so make sure you update now

The latest version of the shareware app patches a rather significant security flaw dubbed CVE-2023-40477, allowing hackers to access memory beyond the allocated buffer. The flaw would give hackers ...
Gizmodo

You Need to Update WinRAR, Right Now

Government-backed hackers from Russia and China exploited a known vulnerability in outdated versions of WinRAR, the world’s most popular compression tool with over 500 million users. Google’s Threat ...
Cybernews

WinRAR flaw used against Ukraine now fueling global cybercrime, Google warns

Google Threat Intelligence warns that a critical flaw in the widely used file-compression tool WinRAR is being actively ...
Lifehacker

You Need to Update WinRAR Right Now

Pranay Parab is an independent tech journalist based in Mumbai, India. He covers tech for Lifehacker, and specializes in tutorials and in-depth features. RARLAB has fixed a critical security ...