Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source – subscribe here!

Please turn on your JavaScript for this page to function normally.
WinRAR
State-sponsored APTs are leveraging WinRAR bug

A number of government-backed APTs are exploiting CVE-2023-38831, a file extension spoofing vulnerability in WinRAR, a widely used file archiver utility for Windows. …

WinRAR
Fake WinRAR PoC spread VenomRAT malware

An unknown threat actor has released a fake proof of concept (PoC) exploit for CVE-2023-4047, a recently fixed remote code execution (RCE) vulnerability in WinRAR, to spread …

WinRAR
Attackers exploited WinRAR zero-day for months to steal money from brokers (CVE-2023-38831)

Financially-motivated attackers have exploited a zero-day vulnerability in WinRAR (CVE-2023-38831) to trick traders into installing malware that would allow them to steal …

WinRAR
WinRAR vulnerable to remote code execution, patch now! (CVE-2023-40477)

RARLAB has fixed a high-severity RCE vulnerability (CVE-2023-40477) in the popular file archiver tool WinRAR. About CVE-2023-40477 A widely used Windows-only utility, WinRAR …

biohazard
Latest WinRAR, Drupal flaws under active exploitation

CVE-2018-20250, a WinRAR vulnerability that allows attackers to extract a malicious executable to one of the Windows Startup folder to be executed every time the system is …

WinRar
500 million WinRAR users open to compromise via a 19-year-old flaw

A vulnerability affecting all versions of WinRAR, the popular file archiver utility for Windows, could be exploited by attackers to deliver malware via specially crafted ACE …

Don't miss

Cybersecurity news