Google Warns of Active Exploitation of Critical WinRAR Vulnerability by State-Backed and Cybercriminal Groups

On January 14, 2026, Google reported that malicious actors, including state-sponsored groups (from Russia and China) and financially motivated cybercriminals, are actively exploiting the critical vulnerability CVE-2025-8088 in WinRAR. This flaw, discovered and patched in July 2025, allows initial access and the deployment of various malicious payloads. No additional technical details about the payloads or exploitation methods have been provided.