Tag: cve 2025 8088
4 articles

Turla Unveils STOCKSTAY Backdoor in Ukraine Espionage Campaigns
Russian hackers, specifically the state-sponsored group Turla, have unleashed a new and stealthy backdoor called STOCKSTAY in a recent espionage campaign targeting Ukraine. This sneaky malware uses a secure WebSocket connection to communicate with its command center, making it a formidable tool for cyber spies.

Russia-Aligned Groups Exploit WinRAR Flaw to Deploy Stealers in Ukraine
Despite a July 2025 patch, a vulnerability in WinRAR, known as CVE-2025-8088, continues to be exploited by Russia-aligned groups, including SHADOW-EARTH-066, to deploy stealers in Ukraine. This highlights the risks of unmanaged software leaving exploited entry points open long after a fix is released.

Gamaredon Exploits WinRAR Flaw to Deliver GammaWorm, GammaSteel Malware
Cyber attackers have cleverly exploited a WinRAR flaw to unleash a potent malware duo, GammaWorm and GammaSteel, with the goal of taking control of infected systems and executing malicious scripts. This sneaky tactic, spotted by French cybersecurity firm Sekoia, allows hackers to fingerprint host systems, manipulate network settings, and fetch additional payloads from command and control servers.

FSB-Linked Worm Exploits Windows Flaw to Evade Detection
Cyber attackers have cleverly exploited a known Windows flaw, CVE-2025-8088, to sneak a malicious payload into victims' systems, allowing them to gain access and lay the groundwork for further attacks. This stealthy move was uncovered by Sekoia, which tracked the initial access stage as GammaPhish.