Still using WinRAR? You should probably look out for these potentially dangerous security flaws

• WinRAR flaw CVE-2025-8088 exploited by state-sponsored and criminal groups
• Attackers use ADS feature to deploy malware via malicious archives
• Users urged to update to WinRAR 7.13 or newer for protection

Iconic Windows archiving program WinRAR contains a high-severity vulnerability that allows threat actors to execute arbitrary code on compromised endpoints - and security researchers are now saying the bug is being exploited by numerous hacking collectives, both state-sponsored and otherwise.

The bug in question is described as a path traversal flaw, affecting versions 7.12 and older. It is tracked as CVE-2025-8088, and was given a severity score of 8.4/10 (high).

In order to secure your premises and prevent hacker incursions, security pros advise updating the program to version 7.13, or newer.