WinRAR: When Shadow IT becomes a gateway for hackers. 🏴‍☠️

Thank you to Jérôme Allassonnière for sharing.

#WinRAR has just been the victim of a critical security vulnerability (CVE-2025-8088) exploited by the Russian group RomCom.

Typically, we are right in the middle of the #ShadowIT I don't know of any IT department that officially authorizes its use.

This vulnerability allows malware to be installed via infected files.

Upgrading to version 7.13 is imperative… and manual.

Shadow IT is not just a compliance issue, it is also a direct risk to the company's security.