Ars Technica

WinRAR 0-day that uses poisoned JPG and TXT files under exploit since April

A newly discovered zero-day in the widely used WinRAR file-compression program has been exploited for four months by unknown attackers who are using it to install malware when targets open ...
Bleeping Computer

WinRAR zero-day exploited since April to hack trading accounts

A WinRar zero-day vulnerability tracked as CVE-2023-38831 was actively exploited to install malware when clicking on harmless files in an archive, allowing the hackers to breach online cryptocurrency ...