The team Threat Group (TAG) of Google ανακάλυψε ότι πολλά hacking groups που υποστηρίζονται από κυβερνήσεις εκμεταλλεύονται την ευπάθεια CVE-2023-38831 του WinRAR in recent weeks.
The first exploits of CVE-2023-38831 have started in early 2023, a time when protection services from malware and the developer of WinRAR were not aware of the vulnerability.
While there is already an update, Google says that "many users are still vulnerable." In other words: Many WinRAR users have not updated their software to version 6.23 or later since August 2023.
We should mention that the latest version of the application is WinRAR 6.24
You can read it Google blog post for more information.