A newly discovered WinRAR vulnerability, tracked as CVE-2025-8088, has been exploited in phishing attacks to deploy RomCom malware. The flaw allows attackers to create malicious archives that can extract executables into paths that enable remote code execution when a user logs in. Users are urged to update to WinRAR 7.13 to mitigate this risk.

A critical vulnerability in the Windows NTFS file system, identified as CVE-2025-49689, allows for exploitation through specially crafted virtual disks (VHD). This vulnerability leads to multiple memory corruptions due to insufficient checks on integer overflow, facilitating potential escalation of privileges for attackers using malicious virtual disks in phishing attempts.

Google Gemini for Workspace can be exploited through prompt-injection attacks that generate misleading email summaries, potentially leading users to phishing sites without attachments or direct links. Researcher Marco Figueroa revealed this vulnerability, highlighting how hidden instructions in emails can manipulate Gemini's output, prompting users to trust false security alerts. Google is aware of the issue and is implementing defenses against such attacks.