
Diverse Threat Actors Exploiting Critical WinRAR Vulnerability CVE-2025-8088 | Google Cloud Blog
Espionage and financially motivated threat actors are exploiting critical WinRAR vulnerability CVE-2025-8088.
Google Cloud Blog
Russian RomCom Utilizing SocGholish to Deliver Mythic Agent to U.S. Companies Supporting Ukraine - Arctic Wolf
Arctic Wolf Labs recently identified a U.S.-based company that was targeted by the Russian-aligned threat group RomCom via SocGholish, operated by TA569. This is the first time that a RomCom payload has been observed being distributed by SocGholish.
Arctic Wolf
WinRAR zero-day was exploited by two threat actors (CVE-2025-8088) - Help Net Security
RomCom attackers are not the only ones that have been leveraging the newly unveiled WinRAR vulnerability (CVE-2025-8088) in zero-day attacks.
Help Net Security
Update WinRAR tools now: RomCom and others exploiting zero-day vulnerability
ESET Research discovers a zero-day vulnerability in WinRAR being exploited in the wild in the guise of job application documents.

Bridewell | Operation Deceptive Prospect: RomCom Targeting UK Organisations through Customer Feedback Portals
Bridewell CTI identified this campaign by an intrusion set that we assess with high confidence to have significant technical overlap with the RomCom threat actor.
Bridewell
RomCom exploits Firefox and Windows zero days in the wild
ESET Research details the analysis of a previously unknown vulnerability in Mozilla products exploited in the wild and another previously unknown Microsoft Windows vulnerability, combined in a zero-click exploit.