VulnHub

Real-time Cybersecurity News

Months After Patch, WinRAR Bug Poised to Hit SMBs Hardest

darkreading
Actively Exploited
VulnerabilityPatch

Overview

A vulnerability in WinRAR, a popular file compression software, is being exploited by Russian and Chinese nation-state attackers, even though a patch was released last July to fix the issue. This flaw poses a significant risk, particularly to small and medium-sized businesses (SMBs), which may not have updated their software or may be unaware of the vulnerability. The fact that this exploitation is ongoing months after the patch was issued raises concerns about the security practices of many organizations. Companies using affected versions of WinRAR need to take immediate action to protect themselves from potential breaches. Staying updated with software patches is crucial, especially when attackers are targeting known vulnerabilities.

Key Takeaways

  • Active Exploitation: This vulnerability is being actively exploited by attackers. Immediate action is recommended.
  • Affected Systems: WinRAR versions prior to the patch released in July 2023
  • Action Required: Users should update to the latest version of WinRAR as per the July 2023 patch.
  • Timeline: Disclosed on July 2023

Original Article Summary

Russian and Chinese nation-state attackers are exploiting a months-old WinRAR vulnerability, despite a patch that came out last July.

Impact

WinRAR versions prior to the patch released in July 2023

Exploitation Status

This vulnerability is confirmed to be actively exploited by attackers in real-world attacks. Organizations should prioritize patching or implementing workarounds immediately.

Timeline

Disclosed on July 2023

Remediation

Users should update to the latest version of WinRAR as per the July 2023 patch.

Additional Information

This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.

Related Topics: This incident relates to Vulnerability, Patch.

Read Original Article

Related Coverage

Critical n8n flaws disclosed along with public exploits

BleepingComputer

Researchers have identified multiple serious vulnerabilities in n8n, a widely used open-source workflow automation platform. These flaws could enable attackers to escape the security measures of the software, potentially giving them complete control over the host server. This poses a significant risk to users, especially those running n8n in production environments. If exploited, these vulnerabilities could lead to unauthorized access and data breaches, impacting businesses that rely on n8n for automation tasks. Users are strongly advised to assess their systems and implement necessary security measures as soon as possible.

Feb 4, 2026

Taiwanese operator of Incognito Market sentenced to 30 years over $105M darknet drug ring

Security Affairs

Rui-Siang Lin, a 24-year-old Taiwanese man, has been sentenced to 30 years in prison for his role in operating Incognito Market, a significant darknet drug marketplace. This platform facilitated the sale of over one ton of illegal drugs, amounting to more than $105 million in transactions. Lin was found guilty of various charges, including conspiracy to distribute narcotics. The case illustrates the ongoing challenges law enforcement faces in combating illicit online drug trade and underscores the risks associated with the anonymity provided by darknet platforms. The long sentence reflects the severity of his actions and serves as a warning to others involved in similar activities.

Feb 4, 2026

Half of Chrome AI extensions are harvesting your data - see the surprising worst offenders

Latest news

Recent research reveals that nearly half of Chrome AI extensions are collecting user data without proper consent. Tools focused on coding, transcription, and productivity seem to be the worst offenders, raising significant privacy concerns for users. This issue could affect anyone using these extensions, as they often require extensive permissions to function. The findings suggest that many users may unknowingly expose their personal information to third parties through these seemingly helpful tools. As the use of AI technology grows, it’s crucial for users to be aware of what data they are sharing and how it might be used.

Feb 4, 2026

CISA: VMware ESXi flaw now exploited in ransomware attacks

BleepingComputer

CISA has reported that ransomware gangs are now exploiting a serious vulnerability in VMware ESXi, which allows attackers to escape sandboxes and gain unauthorized access to systems. This vulnerability, which had previously been used in zero-day attacks, poses a significant risk to organizations using affected VMware products. Companies relying on VMware ESXi for virtualization need to be particularly vigilant, as attackers are actively targeting this flaw. The exploitation of such vulnerabilities can lead to severe data breaches and financial losses. Organizations should prioritize patching their systems to mitigate this risk and protect sensitive data from potential ransomware attacks.

Feb 4, 2026

Global SystemBC Botnet Found Active Across 10,000 Infected Systems

Infosecurity Magazine

Researchers have identified the SystemBC malware, which is currently active across approximately 10,000 infected systems. This botnet is particularly concerning as it poses risks to sensitive government infrastructure, potentially exposing critical data and functionalities to malicious actors. The malware's widespread presence raises alarms about the security of various networks, especially those that manage important public services. Organizations, particularly in the public sector, need to take immediate action to secure their systems against this threat. Failure to address this could lead to significant operational disruptions and data breaches.

Feb 4, 2026

UK investigates X over Grok AI's nonconsensual image generation

SCM feed for Latest

The UK's data protection authority has initiated an investigation into X and its Irish subsidiary over allegations that the Grok AI assistant was utilized to create nonconsensual sexual images. This raises serious concerns about privacy and consent, particularly in how AI technologies are being employed. The investigation aims to determine whether X has violated data protection laws, especially regarding the generation of harmful content without individuals' consent. The implications of this investigation could lead to stricter regulations on AI use and accountability for companies developing such technologies. Users and stakeholders are closely watching this case, as it could set precedents for how AI-generated content is governed.

Feb 4, 2026