Two Russian APT groups are exploiting a WinRAR flaw patched nearly a year ago to hit Ukraine
Two Russian state-linked hacking groups are actively exploiting a path traversal vulnerability in WinRAR that was patched nearly a year ago, using it to deploy credential-stealing malware against Ukrainian government and military targets, according to researc…
TL;DR Two FSB-linked groups exploit a WinRAR bug patched in July 2025 to steal Ukrainian credentials. The patch exists but adoption remains slow. Two Russian state-linked hacking groups are activel… [+4748 chars]