Two separate Russia-aligned campaigns are still exploiting the WinRAR flaw CVE-2025-8088 against Ukrainian organizations nearly a year after it was patched, showing how unmanaged software keeps an exploited entry point open long after the fix ships.
This blog discusses the steganography, cloud abuse, and email-based backdoorsβ―used against theβ―Ukrainianβ―defense supply chainβ―in the latest Pawn Storm campaign that TrendAIβ’ Research observed and analyzed.
In November, a targeted spear-phishing campaign was observed using Trend Micro-themed lures against various industries, but this was quickly detected and thwarted by the Trend Vision Oneβ’ platform.
Login
