In a shocking revelation that surprised absolutely no one who hasn’t been living in a cave since 1990, hackers have found their latest muse in WinRAR, the eternal dinosaur of file compression. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has kindly updated their Known Exploited Vulnerabilities (KEV) catalog to humor us with the news that yes, you can still exploit software that predates most millennials.

Tracked fervently as CVE-2025-6218, this vulnerability isn’t just your average bug; it’s a path traversal exploit with a CVSS score of 7.8, which in layman’s terms means, “we solemnly swear we’re up to no good.” Naturally, hackers have gleefully seized upon this opportunity like it’s the newest pumpkin spice latte.

Security experts around the globe are urging users to finally update their WinRAR versions from the Jurassic period to something more modern—like the Paleolithic era. Meanwhile, somewhere in a dimly lit basement, a hacker is now drinking champagne, knowing their decades of research in ancient software archaeology has finally paid off.