Turla Unveils STOCKSTAY Backdoor in Ukraine Espionage Campaigns

Russian hackers, specifically the state-sponsored group Turla, have unleashed a new and stealthy backdoor called STOCKSTAY in a recent espionage campaign targeting Ukraine. This sneaky malware uses a secure WebSocket connection to communicate with its command center, making it a formidable tool for cyber spies.

https://osintsights.com/turla-unveils-stockstay-backdoor-in-ukraine-espionage-campaigns?utm_source=mastodon&utm_medium=social

#Turla #StockstayBackdoor #Ukraine #Russia #Cve20258088

Russia-Aligned Groups Exploit WinRAR Flaw to Deploy Stealers in Ukraine

Despite a July 2025 patch, a vulnerability in WinRAR, known as CVE-2025-8088, continues to be exploited by Russia-aligned groups, including SHADOW-EARTH-066, to deploy stealers in Ukraine. This highlights the risks of unmanaged software leaving exploited entry points open long after a fix is released.

https://osintsights.com/russia-aligned-groups-exploit-winrar-flaw-to-deploy-stealers-in-ukraine?utm_source=mastodon&utm_medium=social

#WinrarVulnerability #Cve20258088 #Russia #Ukraine #SupplyChain

Gamaredon Exploits WinRAR Flaw to Deliver GammaWorm, GammaSteel Malware

Cyber attackers have cleverly exploited a WinRAR flaw to unleash a potent malware duo, GammaWorm and GammaSteel, with the goal of taking control of infected systems and executing malicious scripts. This sneaky tactic, spotted by French cybersecurity firm Sekoia, allows hackers to fingerprint host systems, manipulate network settings, and…

https://osintsights.com/gamaredon-exploits-winrar-flaw-to-deliver-gammaworm-gammasteel-malware?utm_source=mastodon&utm_medium=social

#Gamaredon #Winrar #Cve20258088 #Gammaworm #Gammasteel

FSB-Linked Worm Exploits Windows Flaw to Evade Detection

Cyber attackers have cleverly exploited a known Windows flaw, CVE-2025-8088, to sneak a malicious payload into victims' systems, allowing them to gain access and lay the groundwork for further attacks. This stealthy move was uncovered by Sekoia, which tracked the initial access stage as GammaPhish.

https://osintsights.com/fsb-linked-worm-exploits-windows-flaw-to-evade-detection?utm_source=mastodon&utm_medium=social

#WindowsFlaw #Cve20258088 #Winrar #Gammaphish #Gammaworm

WinRAR under fire: the CVE-2025-8088 vulnerability threatens users

When did you last update WinRAR? If the answer is "I don't remember", someone may already have planted a file on your computer that will run at your next logon.

Read more:
https://pressmind.org/winrar-w-ogniu-krytyki-luka-cve-2025-8088-zagraza-uzytkownikom/

#PressMindLabs #ads #apt #autostart #cve20258088 #rar

A critical zero‑day vulnerability, CVE‑2025‑8088, affecting Windows versions of WinRAR (and related tools) has been actively exploited in targeted spear‑phishing attacks by the Russian‑linked threat group RomCom.

https://forum.hashpwn.net/post/2044

#cybersecurity #zeroday #vulnerability #winrar #cve20258088 #romcom #hashpwn #news

WinRAR's new flaw is letting hackers sneak malicious files into your system—imagine your trusted archive turning rogue. How safe is your version? Read on to uncover how RomCom is exploiting this zero-day and what you can do to protect yourself.

https://thedefendopsdiaries.com/understanding-the-winrar-cve-2025-8088-vulnerability-and-its-exploitation-by-romcom-hackers/

#winrarvulnerability
#cve20258088
#romcomhackers
#cybersecurity
#infosec

Understanding the WinRAR CVE-2025-8088 Vulnerability and Its Exploitation by RomCom Hackers

Explore the WinRAR CVE-2025-8088 vulnerability exploited by RomCom hackers, its impact, and mitigation strategies.

The DefendOps Diaries

🚨 WinRAR CVE-2025-8088 (CVSS 8.8) exploited in the wild.
Malicious archives → path traversal → code exec. Linked to Paper Werewolf ops.
Patch to v7.13 immediately.

Question: After so many WinRAR zero-days, would you trust it for enterprise use?

#WinRAR #ZeroDay #CVE20258088 #InfoSec

WinRAR isn't just a file compressor anymore—its zero-day flaw now lets hackers sneak malicious files in like hidden backdoors. Could your system be at risk? Learn how CVE-2025-8088 is being exploited and why updating matters.

https://thedefendopsdiaries.com/understanding-the-winrar-zero-day-vulnerability-cve-2025-8088/

#winrar
#zeroday
#cve20258088
#romcommalware
#cybersecurity

Understanding the WinRAR Zero-Day Vulnerability: CVE-2025-8088

Explore the WinRAR zero-day vulnerability CVE-2025-8088 and its exploitation by RomCom hackers in phishing attacks.

The DefendOps Diaries