Recent reports from Trend Micro reveal that two Russia-aligned cyber groups, Earth Dahu and SHADOW-EARTH-066, are actively exploiting a path traversal vulnerability (CVE-2025-8088) in WinRAR to deploy malware targeting Ukrainian entities. Despite patches being released nearly a year ago, the continued exploitation of this flaw emphasizes the challenges organizations face in maintaining cybersecurity, particularly in high-stakes environments like Ukraine, which is experiencing ongoing cyber warfare.
For businesses, particularly those in high-risk sectors, this situation is a reminder to apply software updates promptly and to maintain robust cybersecurity measures. Organizations must prioritize routine vulnerability assessments and ensure that all software, especially widely used applications like WinRAR, is kept up to date. The incident underscores the persistent threat posed by state-sponsored cyber actors and the need for a proactive approach to cybersecurity in sectors vulnerable to geopolitical tensions, where failure to act can lead to significant operational disruptions and data breaches.
---
*Originally reported by [The Hacker News](https://thehackernews.com/2026/06/winrar-flaw-exploited-by-russia-aligned.html)*