Image: Rarlab

If you use WinRAR, it’s time to update to the latest version after a serious security vulnerability has been discovered that’s already in use by attackers. Google’s Threat Analysis Group (TAG) has found that multiple government-backed hacking groups have been exploiting the WinRAR vulnerability since early 2023.

“A patch is now available, but many users still seem to be vulnerable,” says TAG in a blog post detailing the WinRAR exploit. “TAG has observed government-backed actors from a number of countries exploiting the WinRAR vulnerability as part of their operations.”

WinRAR versions 6.24 and 6.23 both include a fix for the security hole, but the app doesn’t update automatically, so you’ll have to manually download and install the…

Continue reading…

 The Verge – All Posts 

Author