https://hackingpassion.com/tags/path-traversal/Recent content in Path Traversal on HackingPassion.com : root@HackingPassion.com-[~]HugoenTue, 30 Jun 2026 11:05:19 +0200https://hackingpassion.com/winrar-rar-startup-folder-attack/Tue, 30 Jun 2026 11:05:19 +0200https://hackingpassion.com/winrar-rar-startup-folder-attack/<p>You unzipped a file with WinRAR, the way you always do. Nothing on screen looked wrong. The next morning you logged in and malware was already running, and the only thing you did was open an archive someone emailed you.</p> <p>In July 2025, ESET researchers spotted a file called <code>msedge.dll</code> sitting inside a RAR archive, in a folder path that made no sense. That odd path turned out to be a brand new flaw in WinRAR, and someone was already using it in attacks while it was still unknown. That was last summer, and it has not stopped since.</p>