{"uuid": "bcc9421d-24db-436c-9adc-efe6e5bf659a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-38831", "type": "exploited", "source": "https://t.me/KomunitiSiber/698", "content": "WinRAR Security Flaw Exploited in Zero-Day Attacks to Target Traders\nhttps://thehackernews.com/2023/08/winrar-security-flaw-exploited-in-zero.html\n\nA recently patched security flaw in the popular WinRAR archiving software has been exploited as a zero-day since April 2023, new findings from Group-IB reveal.\nThe vulnerability, cataloged as\u00a0CVE-2023-38831, allows threat actors to spoof file extensions, thereby making it possible to launch malicious scripts contained within an archive that masquerades as seemingly innocuous image or text files.", "creation_timestamp": "2023-08-24T13:40:57.000000Z"}