WinRAR doesn't have an auto-update function, meaning PCs are vulnerable until you manually update. The bug is still being widely exploited, Google security researchers warn.

Multiple threat actors, both state-sponsored and financially motivated, are exploiting the CVE-2025-8088 high-severity vulnerability in WinRAR for initial access and to deliver various malicious ...

All the power of 7-Zip, without the 2005 vibes.

A hacking campaign took just days to exploit a newly disclosed security vulnerability in Microsoft Windows version of WinRAR, ...

A new threat actor called Amaranth Dragon, linked to APT41 state-sponsored Chinese operations, exploited the CVE-2025-8088 ...

Sometimes a client or colleague needs to send you large files. One common way to handle large files is to compress them into a ZIP package to make the file size more reasonable for transmission over ...

The latest version of the shareware app patches a rather significant security flaw dubbed CVE-2023-40477, allowing hackers to access memory beyond the allocated buffer. The flaw would give hackers ...

The spam campaign is being used to spread a malicious .exe file, taking advantage of a vulnerability in WinRAR which was patched in January. A critical 19-year-old WinRAR vulnerability disclosed last ...

China-linked Amaranth-Dragon and Mustang Panda target Southeast Asian governments using WinRAR exploit and PlugX phishing ...

March 16, 2019 Add as a preferred source on Google Add as a preferred source on Google Last month a 19-year-old bug was discovered in WinRAR, the software many PC users use to extract .zip and other ...