Russian hackers took advantage of a WinRAR zero-day vulnerability to launch attacks in Europe and Canada.

WinRAR has addressed the critical vulnerability identified as CVE-2025-8088, a zero-day flaw that was actively exploited by the Russian hacking group RomCom. This vulnerability posed significant risks to various sectors, including financial, defence, manufacturing, and logistics companies across Europe and Canada. The exploitation of this zero-day vulnerability allowed attackers to infiltrate systems, potentially leading to severe data breaches and operational disruptions. Security experts have urged organisations to update their WinRAR software promptly to mitigate any risks associated with this vulnerability.

The recent attacks attributed to RomCom highlight the ongoing threat posed by sophisticated cybercriminals targeting essential industries. By leveraging the WinRAR zero-day, these hackers were able to execute their malicious activities with relative ease, underscoring the importance of robust cybersecurity measures. As organisations continue to navigate the complexities of digital security, the timely patching of vulnerabilities like CVE-2025-8088 is crucial in safeguarding sensitive information and maintaining operational integrity. Cybersecurity professionals are encouraged to remain vigilant and proactive in their defence strategies against such emerging threats.