The developers of WinRAR have issued an emergency patch after discovering that a zero-day vulnerability, tracked as CVE-2025-8088, is being exploited in the wild. The flaw, rated 8.8 on the CVSS scale, allows specially crafted archive files to escape the intended extraction path, drop malware into the Windows start-up folder and seize control of a victim’s PC. Threat-intelligence firm BI.ZONE has linked the attacks to a Russian-speaking group known as Paper Werewolf. Security researchers say the hackers have combined CVE-2025-8088 with a previously fixed directory-traversal bug to increase their chances of remote code execution on unpatched systems. Users are urged to upgrade immediately to WinRAR version 7.13, which fully addresses the path-traversal weakness. Organisations that cannot patch at once are advised to block inbound e-mail attachments containing RAR files and to monitor networks for signs of suspicious archive activity.