WinRAR Zero-Day CVE-2025-8088 Exploited to Spread RomCom Malware

Threat Score:
84
Hackread
2 hours ago

Overview

Critical WinRAR flaw CVE-2025-8088 exploited by Russia-linked hackers to spread RomCom malware, update to version 7.13 now to…...

Related Articles

5 articles
2

Researchers Uncover GPT-5 Jailbreak and Zero-Click AI Agent Attacks Exposing Cloud and IoT Systems

The Hacker News 2 hours ago

Cybersecurity researchers have uncovered a jailbreak technique to bypass ethical guardrails erected by OpenAI in its latest large language model (LLM) GPT-5 and produce illicit instructions. Generative artificial intelligence (AI) security platform NeuralTrust said it combined a known technique called Echo Chamber with narrative-driven steering to trick the model into producing undesirable responses. "We use Echo Chamber to seed and reinforce a subtly poisonous conversational context, then guide

Score
80
Read more
3
Multiple Zero-Day Exploits Discover That Bypass BitLocker, Exposing All Encrypted Data

Multiple Zero-Day Exploits Discover That Bypass BitLocker, Exposing All Encrypted Data

GB Hackers 7 hours ago

Multiple Zero-Day Exploits Discover That Bypass BitLocker, Exposing All Encrypted Data Microsoft security researchers have uncovered four critical vulnerabilities inWindows BitLockerthat could allow attackers with physical access to bypass the encryption system and extract sensitive data. The findings, revealed in research dubbed “BitUnlocker,” demonstrate sophisticated attack methods targeting the Windows Recovery Environment (WinRE) to circumvent Microsoft’s flagship data protection technology

Score
78
Read more
4

CastleBot MaaS Released Diverse Payloads in Coordinated Mass Ransomware Attacks

GB Hackers 10 hours ago

CastleBot MaaS Released Diverse Payloads in Coordinated Mass Ransomware Attacks IBM X-Force has uncovered CastleBot, a nascent malware framework operating as a Malware-as-a-Service (MaaS) platform, enabling cybercriminals to deploy a spectrum of payloads ranging from infostealers to sophisticated backdoors implicated in ransomware operations. First detected in early 2025 with heightened activity since May, CastleBot facilitates the delivery of threats likeNetSupportand WarmCookie, which have his

Score
75
Read more
5

Over 28,000 Microsoft Exchange Servers Exposed Online to CVE-2025-53786 Vulnerability

GB Hackers 7 hours ago

Over 28,000 Microsoft Exchange Servers Exposed Online to CVE-2025-53786 Vulnerability The cybersecurity community faces a significant threat as scanning data reveals over 28,000 unpatched Microsoft Exchange servers remain exposed on the public internet, vulnerable to a critical security flaw designatedCVE-2025-53786. This high-severity vulnerability, which carries a CVSS score of 8.0 out of 10, enables attackers with administrative access to on-premises Exchange servers to escalate privileges wi

Score
74
Read more