Scworld
Exploitation of WinRAR Path Traversal Flaw Continues Amid CISA Warning
First seen 27 Jan 2026, 22:53 UTC
•



+6
•77% similarity
•41.5
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
The CVE-2025-8088 vulnerability in WinRAR is being exploited by various threat actors for initial access and to deploy malware. The flaw allows attackers to use Alternate Data Streams to write malicious files to arbitrary locations, including the Windows Startup folder. In response to ongoing attacks, the vulnerability has been added to CISA's Known Exploited Vulnerabilities list, with federal agencies ordered to remediate it by December 30, 2025.
ThreatCluster AI