Ars Technica

WinRAR 0-day that uses poisoned JPG and TXT files under exploit since April

A newly discovered zero-day in the widely used WinRAR file-compression program has been exploited for four months by unknown attackers who are using it to install malware when targets open ...