Google warns that various threat actors, including those linked to Russia and China, are exploiting a critical flaw in WinRAR to gain access and deploy malware. This vulnerability, CVE-2025-8088, allows attackers to execute malicious code by manipulating archive files, leading to widespread attacks on multiple targets.

The U.S. government has unsealed charges against 16 individuals linked to DanaBot, a malware-as-a-service platform responsible for stealing information and causing over $50 million in losses. The FBI revealed that the malware infected more than 300,000 systems worldwide, and some defendants inadvertently exposed their identities by infecting their own computers. The operation included the seizure of servers used to control the malware and store stolen data.