WinRAR: When Shadow IT becomes a gateway for hackers. š“āā ļø
- Aug 20, 2025
- 1 min read
Thank you to JĆ©rĆ“me AllassonniĆØre for sharing.
#WinRAR has just been the victim of a critical security vulnerability (CVE-2025-8088) exploited by the Russian group RomCom.
Typically, we are right in the middle of the #ShadowIT I don't know of any IT department that officially authorizes its use.
This vulnerability allows malware to be installed via infected files.
Upgrading to version 7.13 is imperativeā¦ and manual.
Shadow IT is not just a compliance issue, it is also a direct risk to the company's security.
![[Customer Case] šØ "Vincent, my website is selling medication... without my knowledge!"](https://static.wixstatic.com/media/dc9514_eb30f04ff0a2497c8ce3e18e4fc693e9~mv2.png/v1/fill/w_980,h_561,al_c,q_90,usm_0.66_1.00_0.01,enc_avif,quality_auto/dc9514_eb30f04ff0a2497c8ce3e18e4fc693e9~mv2.png)
![[Technical Watch] Windows displays Secure Boot status: the end of the blind spot?](https://static.wixstatic.com/media/dc9514_1d634b64a2ca4f369289737a34b7a4a5~mv2.png/v1/fill/w_980,h_617,al_c,q_90,usm_0.66_1.00_0.01,enc_avif,quality_auto/dc9514_1d634b64a2ca4f369289737a34b7a4a5~mv2.png)