Zip Slip, Path Traversal Vulnerability during File Decompression
Overview Path traversal or directory traversal vulnerabilities are security vulnerabilities that occur mainly due to improper validation of user inputs. Attackers can read, modify, or even create new files that are originally inaccessible or located in unintended paths using relative or absolute paths. Although these vulnerabilities have been known for
RARLAB Product Security Update Advisory (CVE-2025-8088)
Overview We have released a security update to fix vulnerabilities in our RARLAB products. Users of affected products are advised to update to the latest version. Affected Products CVE-2025-8088 WinRAR (WIndows) Version: 7.12 and earlier Resolved Vulnerabilities Path traversal vulnerability in WinRAR in
WinRAR Security Update Advisory (CVE-2025-6218)
Overview We have released a security update to address a vulnerability in WinRAR. Users of affected products are advised to update to the latest version. Affected Products CVE-2025-6218 WinRAR Versions: below 7.12 Resolved Vulnerabilities Path traversal vulnerability in WinRAR (CVE-2025-6218) Vulnerability
Detecting Akira Ransomware Attack Using AhnLab EDR
Akira is a relatively new ransomware threat actor that has been active since March 2023. Like other ransomware threat actors, they breach organizations and not only encrypt their files but also exfiltrate sensitive information to use in negotiations. As shown in the following 2024 statistics, the number of companies affected
Play Ransomware Attack Cases Detected by AhnLab EDR
Play ransomware, also known as Balloonfly or PlayCrypt, was first identified in June 2022 and has reportedly attacked over 300 organizations worldwide since then. A notable characteristic of the ransomware, which remains actively in use, is its addition of the “.PLAY” extension to files following encryption. Like other ransomware threat
