The Hacker News · Jun 9, 2026 12:26 PM

WinRAR Flaw Exploited by Russia-Aligned Groups to Deploy Stealers in Ukraine

Two Russia-aligned cyber attack campaigns have continued to exploit a security flaw in WinRAR to target Ukrainian organisations, almost a year after patches for the vulnerability were released.

The activity has been attributed by Trend Micro to Earth Dahu (aka Gamaredon) and SHADOW-EARTH-066 (aka UAC-0226). It involves the exploitation of CVE-2025-8088, a path traversal flaw that allows an

Read at The Hacker News

Was this helpful?

Confidential submission of draft S-1 to the SEC 2026-06-09
Nemotron 3.5 Content Safety: Customizable Multimodal Safety for Global Enterprise AI 2026-06-09
Researchers Build Self-Replicating AI Worm That Operates Entirely on Local, Open-Weight Models 2026-06-09
Chrome V8 Zero-Day CVE-2026-11645 Exploited in the Wild - Patch Now 2026-06-09

← Back to edition

WinRAR Flaw Exploited by Russia-Aligned Groups to Deploy Stealers in Ukraine

Was this helpful?

Related