Google warns that a well-known exploit for WinRAR is still in widespread use by Russian and Chinese threat actors

Download WinRAR version 7.13 immediately!
TweakTown

WinRAR 'high-risk' exploit discovered, make sure you update to the latest release

TL;DR: WinRAR has a critical security vulnerability (CVE-2025-6218) allowing remote code execution via directory traversal in Windows versions. This exploit risks sensitive data and system integrity.
The Hacker News

Google Warns of Active Exploitation of WinRAR Vulnerability CVE-2025-8088

Google confirms nation-state and cybercrime groups exploit a patched WinRAR flaw to gain persistence and deploy malware via ...
XDA Developers on MSN

Criminals are exploiting a 2025 WinRAR bug because nobody is updating their app

Or reading the warnings, apparently.
TweakTown

WinRAR version 6.23 patches up a very serious security flaw, so make sure you update now

The latest version of the shareware app patches a rather significant security flaw dubbed CVE-2023-40477, allowing hackers to access memory beyond the allocated buffer. Popular Now: Logitech says if ...
Gizmodo

You Need to Update WinRAR, Right Now

Government-backed hackers from Russia and China exploited a known vulnerability in outdated versions of WinRAR, the world’s most popular compression tool with over 500 million users. Google’s Threat ...
Lifehacker

You Need to Update WinRAR Right Now

Pranay Parab is an independent tech journalist based in Mumbai, India. He covers tech for Lifehacker, and specializes in tutorials and in-depth features. RARLAB has fixed a critical security ...