Russia and China-backed Hackers Are Exploiting WinRAR Zero-Day Bug, Google Says

Google security researchers say they have found evidence that government-backed hackers linked to Russia and China are exploiting a since-patched vulnerability in WinRAR, the popular shareware archiving tool for Windows. From a report: The WinRAR vulnerability, first discovered by cybersecurity company Group-IB earlier this year and tracked as CVE-2023-38831, allows attackers to hide malicious scripts in archive files that masquerade as seemingly innocuous images or text documents. Group-IB said