WinRAR: When Shadow IT becomes a gateway for hackers. š“āā ļø
- Aug 20, 2025
- 1 min read
Thank you to JĆ©rĆ“me AllassonniĆØre for sharing.
#WinRAR has just been the victim of a critical security vulnerability (CVE-2025-8088) exploited by the Russian group RomCom.
Typically, we are right in the middle of the #ShadowIT I don't know of any IT department that officially authorizes its use.
This vulnerability allows malware to be installed via infected files.
Upgrading to version 7.13 is imperativeā¦ and manual.
Shadow IT is not just a compliance issue, it is also a direct risk to the company's security.
![[Technical Watch] š End of SharePoint and OneDrive OTPs for guests](https://static.wixstatic.com/media/dc9514_9d47a979fc9f428ea32a4c686f906ff4~mv2.jpg/v1/fill/w_980,h_980,al_c,q_85,usm_0.66_1.00_0.01,enc_avif,quality_auto/dc9514_9d47a979fc9f428ea32a4c686f906ff4~mv2.jpg)
![[Cyber-vigilance]: Anatomy of a #Smishing (SMS phishing) attempt](https://static.wixstatic.com/media/dc9514_a88c53cf91814a5680b75a3d02ed3cd2~mv2.png/v1/fill/w_896,h_1195,al_c,q_90,enc_avif,quality_auto/dc9514_a88c53cf91814a5680b75a3d02ed3cd2~mv2.png)
