Two separate campaigns target CVE-2025-8088, fixed last July, to conduct data theft and cyberespionage against military and government targets in Ukraine.
Russian Attackers Weaponize WinRAR Flaw Against Ukrainian Orgs
Summary + source link. No paywalls, no tracking.