![WinRAR](https://img.helpnetsecurity.com/wp-content/uploads/2023/08/21122249/winrar-400x200.jpg)
State-sponsored APTs are leveraging WinRAR bug
A number of government-backed APTs are exploiting CVE-2023-38831, a file extension spoofing vulnerability in WinRAR, a widely used file archiver utility for Windows. …
![WinRAR](https://img.helpnetsecurity.com/wp-content/uploads/2023/08/23165609/winrar-2-400x200.jpg)
Fake WinRAR PoC spread VenomRAT malware
An unknown threat actor has released a fake proof of concept (PoC) exploit for CVE-2023-4047, a recently fixed remote code execution (RCE) vulnerability in WinRAR, to spread …
![WinRAR](https://img.helpnetsecurity.com/wp-content/uploads/2023/08/23165609/winrar-2-400x200.jpg)
Attackers exploited WinRAR zero-day for months to steal money from brokers (CVE-2023-38831)
Financially-motivated attackers have exploited a zero-day vulnerability in WinRAR (CVE-2023-38831) to trick traders into installing malware that would allow them to steal …
![WinRAR](https://img.helpnetsecurity.com/wp-content/uploads/2023/08/21122249/winrar-400x200.jpg)
WinRAR vulnerable to remote code execution, patch now! (CVE-2023-40477)
RARLAB has fixed a high-severity RCE vulnerability (CVE-2023-40477) in the popular file archiver tool WinRAR. About CVE-2023-40477 A widely used Windows-only utility, WinRAR …
![biohazard](https://img.helpnetsecurity.com/wp-content/uploads/2016/08/09110910/biohazard-400x200.jpg)
Latest WinRAR, Drupal flaws under active exploitation
CVE-2018-20250, a WinRAR vulnerability that allows attackers to extract a malicious executable to one of the Windows Startup folder to be executed every time the system is …
![WinRar](https://img.helpnetsecurity.com/wp-content/uploads/2019/02/09095152/winrar-400x200.jpg)
500 million WinRAR users open to compromise via a 19-year-old flaw
A vulnerability affecting all versions of WinRAR, the popular file archiver utility for Windows, could be exploited by attackers to deliver malware via specially crafted ACE …
Featured news
Sponsored
Don't miss
- Progress fixes critical RCE flaw in Telerik Report Server, upgrade ASAP! (CVE-2024-6327)
- Docker fixes critical auth bypass flaw, again (CVE-2024-41110)
- Learning from CrowdStrike’s quality assurance failures
- BIND 9.20 released: Enhanced DNSSEC support, application infrastructure improvements
- How CISOs enable ITDR approach through the principle of least privilege