Russia-Aligned Hackers Exploit Patched WinRAR Flaw in Cyberattacks on Ukrainian Military and Government
By Elizabeth Montalbano
Summary
Russia-aligned threat groups (Shadow-Earth-066 and Earth Dahu/Gamaredon) are actively exploiting a high-severity WinRAR vulnerability (CVE-2025-8088) in email-based cyberattacks targeting Ukrainian military and government organizations. The flaw, which was patched nearly a year ago in July 2025, continues to be weaponized for data theft and cyberespionage. Trend Micro's findings reveal two separate campaigns that both begin with weaponized emails but diverge in their attack methodologies.
Key quotes
At least two Russia-aligned threat clusters have exploited a high-severity WinRAR flaw that has been patched for nearly a year in email-based attacks against military and government organizations in Ukraine.
The findings by Trend Micro are further evidence that the vulnerability, tracked as CVE-2025-8088, continues to be a target for threat actors.
Russia-backed threat groups tracked as Shadow-Earth-066 and Earth Dahu, aka Gamaredon, are currently targeting the flaw via separate attacks that both begin with weaponized emails but then veered off into different attack
