Tag Archives: Zero-Day Vulnerability

ESET Warns of Zero-Day in WinRAR Exploited by RomCom, Urges Immediate Update

(IN BRIEF) ESET has discovered CVE-2025-8088, a zero-day path traversal vulnerability in WinRAR exploited by the Russia-aligned RomCom group in targeted spearphishing campaigns against organizations in Europe and Canada. The flaw, patched on July 30, 2025, was used to deliver … Read the full press release

Winter Vivern Exploits Zero-Day Vulnerability in Roundcube Webmail Servers to Target European Governments

(IN BRIEF) ESET researchers have uncovered Winter Vivern’s exploitation of a zero-day XSS (Cross-Site Scripting) vulnerability in the Roundcube Webmail server. The cyberespionage group targeted Roundcube Webmail servers of governmental entities and a think tank in Europe, compromising email systems. … Read the full press release