If you’re still using WinRAR, watch out for this dangerous exploit – and please stop

Scammers have been found trying to spread the VenomRAT malware by disguising it as a proof-of-concept (PoC) for a newly discovered WinRAR vulnerability.

Cybersecurity researchers at Unit 42 (Palo Alto Networks) recently found a piece of code uploaded to GitHub claiming to be a PoC for CVE-2023-40477. This is a flaw that allows threat actors to execute arbitrary code on target endpoints if victims run a custom RAR file in WinRAR that is older than version 6.23.