Hackers Still Using Patched WinRAR Flaw for Malware Drops, Warns Google

The Google Threat Intelligence Group (GTIG) warns that nation-state actors and financially motivated threat actors are exploiting a flaw in WinRAR. Known as CVE-2025-8088, this vulnerability allows hackers to slip malware onto computers unnoticed. Though patched in July 2025, many users remain at risk.

Researchers noted the bug uses a “path traversal” trick. For your information, this allows an archive to look like a normal document while secretly saving a virus into your Startup folder. As we know it, files in this folder run automatically when you log in, giving hackers a permanent back door into your system.

A Problem First Seen in 2025

This isn’t the first time we’ve heard of this issue. Hackread.com reported on this weakness back in 2025 after it was first found by the security firm ESET. At the time, attackers used it to ...