Google says a WinRAR exploit for Windows is in 'widespread' use by government-backed threat actors 'linked to Russia and China'

Google has warned that well-known and already-patched exploit for the WinRAR file archiving and compression tool for Windows ...
The Hacker News

Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan

Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.
SecurityWeek

APTs, Cybercriminals Widely Exploiting WinRAR Vulnerability

CVE-2025-8088, a WinRAR vulnerability patched in July 2025, has been widely exploited by state-sponsored threat actors and cybercriminals.
MUO on MSN

I ditched WinRAR for this open-source tool and it's not 7-Zip

All the power of 7-Zip, without the 2005 vibes.

WinRAR path traversal flaw still exploited by numerous hackers

Multiple threat actors, both state-sponsored and financially motivated, are exploiting the CVE-2025-8088 high-severity ...
How-To Geek on MSN

Stop crashing your Python scripts: How to handle massive datasets on any laptop

How chunked arrays turned a frozen machine into a finished climate model ...
Cybernews

LinkedIn DM phishing campaign targets high-value execs with weaponized file downloads

A phishing campaign targeting carefully selected “high-value” corporate employees has been using LinkedIn direct messages to deliver weaponized downloads, highlighting how criminals are shifting away ...

Hackers are now exploiting the safety of open-source apps to sideload malware, and on LinkedIn of all places

Once up and running, that malicious DLL file pops a Python interpreter onto the system, which runs a script to create a ...
TechBooky

How Hackers Spread RAT Malware via DLL Sideloading in LinkedIn Messages

Researchers studying cybersecurity have discovered a new and sophisticated phishing effort that spreads dangerous payloads ...
The Hacker News

Hackers Use LinkedIn Messages to Spread RAT Malware Through DLL Sideloading

Researchers found a LinkedIn phishing campaign delivering a remote access trojan via DLL sideloading, WinRAR SFX files, and ...
GitHub

Extract TOTP/HOTP secrets from QR codes exported by two-factor authentication apps

The Python script extract_otp_secrets.py extracts one time password (OTP) secrets from QR codes exported by two-factor authentication (2FA) apps such as "Google Authenticator". The exported QR codes ...