{"id":7449,"date":"2025-08-25T15:18:56","date_gmt":"2025-08-25T12:18:56","guid":{"rendered":"https:\/\/blog.eset.ee\/et\/?p=7449"},"modified":"2025-08-25T15:19:03","modified_gmt":"2025-08-25T12:19:03","slug":"eset-research-russian-romcom-group-exploits-new-vulnerability-targets-companies-in-europe-and-canada","status":"publish","type":"post","link":"https:\/\/blog.eset.ee\/et\/en\/2025\/08\/25\/eset-research-russian-romcom-group-exploits-new-vulnerability-targets-companies-in-europe-and-canada\/","title":{"rendered":"ESET Research: Russian RomCom group exploits new vulnerability, targets companies in Europe and Canada"},"content":{"rendered":"\n<ul class=\"wp-block-list\">\n<li>If you use WinRAR or other affected components such as the Windows versions of its command line utilities, UnRAR.dll, or the portable UnRAR source code, upgrade immediately to the latest version.<\/li>\n\n\n\n<li>ESET researchers have discovered a previously unknown zero-day vulnerability in WinRAR being exploited in the wild by Russia-aligned group RomCom<\/li>\n\n\n\n<li>Analysis of the exploit led to the discovery of the vulnerability, now assigned CVE-2025-8088: a path traversal vulnerability, made possible with the use of alternate data streams. After notification, WinRAR released a patched version on July 30th, 2025.<\/li>\n\n\n\n<li>Successful exploitation attempts delivered various backdoors used by the RomCom group, specifically a SnipBot variant, RustyClaw, and the Mythic agent.<\/li>\n\n\n\n<li>This campaign targeted financial, manufacturing, defense, and logistics companies in Europe and Canada.<\/li>\n<\/ul>\n\n\n\n<p><strong>BRATISLAVA<\/strong>\u00a0\u2014\u00a0<strong>August, 2025<\/strong>\u00a0\u2014 ESET researchers have discovered a previously unknown vulnerability in WinRAR, exploited in the wild by Russia-aligned group RomCom. According to ESET telemetry, malicious archives were used in spearphishing campaigns between July 18 to July 21, 2025, targeting financial, manufacturing, defense, and logistics companies in Europe and Canada. The aim of the attacks was cyberespionage. This is at least the third time that RomCom has been caught exploiting a significant zero-day vulnerability in the wild<\/p>\n\n\n\n<p>\u201cOn July 18, we observed a malicious DLL named msedge.dll in a RAR archive containing unusual paths that caught our attention. Upon further analysis, we found that the attackers were exploiting a previously unknown vulnerability affecting WinRAR, including the then-current version 7.12. On July 24, we contacted the developer of WinRAR; the same day the vulnerability was fixed in beta version with a full version released few days later. We advise WinRAR users to install the latest version as soon as possible to mitigate the risk,\u201d says ESET researcher Peter Str\u00fd\u010dek who made the discovery along with another ESET researcher Anton Cherepanov. The vulnerability, CVE-2025-8088, is a path traversal vulnerability, which is made possible via the use of alternate data streams.<\/p>\n\n\n\n<p>Disguised as an application document, the weaponized archives exploited a path traversal flow to compromise its targets. In the spearphishing email, the attackers sent a CV hoping that a curious target would open it. According to ESET telemetry, none of the targets were compromised. The attackers, however, had conducted reconnaissance beforehand and the emails were highly targeted. Successful exploitation attempts delivered various backdoors used by RomCom group \u2013 specifically, a SnipBot variant, RustyClaw, and the Mythic agent.<\/p>\n\n\n\n<p>ESET Research attributes the observed activities to RomCom with high confidence based on the targeted region, tactics, techniques, and procedures&nbsp; (TTPs), and the malware used. RomCom (also known as Storm-0978, Tropical Scorpius, or UNC2596) is a Russia-aligned group that conducts both opportunistic campaigns against selected business verticals and targeted espionage operations. The group\u2019s focus has shifted to include espionage operations collecting intelligence, in parallel with its more conventional cybercrime operations. The backdoor used by the group is capable of executing commands and downloading additional modules to the victim\u2019s machine. It is not the first time that RomCom has used exploits to compromise its victims. In 2023-06, the group performed a spearphishing campaign targeting defense and governmental entities in Europe, with lures related to the Ukrainian World Congress.<\/p>\n\n\n\n<p>\u201cBy exploiting a previously unknown zero-day vulnerability in WinRAR, the RomCom group has shown that it is willing to invest serious effort and resources into its cyberoperations. The discovered campaign targeted sectors that align with the typical interests of Russian-aligned APT groups, suggesting a geopolitical motivation behind the operation,\u201d concludes Str\u00fd\u010dek.<\/p>\n\n\n\n<p>For a more detailed analysis and technical breakdown of RomCom\u2019s latest campaign, check out the latest ESET Research blogpost \u201c<a href=\"https:\/\/www.welivesecurity.com\/en\/eset-research\/update-winrar-tools-now-romcom-and-others-exploiting-zero-day-vulnerability\/\" target=\"_blank\" rel=\"noreferrer noopener\">RomCom exploits a new vulnerability in the wild, this time in WinRAR<\/a>\u201d on WeLiveSecurity.com. Make sure to follow&nbsp;<a href=\"https:\/\/twitter.com\/ESETresearch\" target=\"_blank\" rel=\"noreferrer noopener\">ESET Research on Twitter (today known as X)<\/a>,&nbsp;<a href=\"https:\/\/bsky.app\/profile\/esetresearch.bsky.social\" target=\"_blank\" rel=\"noreferrer noopener\">BlueSky<\/a>, and&nbsp;<a href=\"https:\/\/infosec.exchange\/@ESETresearch\" target=\"_blank\" rel=\"noreferrer noopener\">Mastodon<\/a>&nbsp;for the latest news from ESET Research.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>BRATISLAVA\u00a0\u2014\u00a0August, 2025\u00a0\u2014 ESET researchers have discovered a previously unknown vulnerability in WinRAR, exploited in the wild by Russia-aligned group RomCom. According to ESET telemetry, malicious archives were used in spearphishing campaigns between July 18 to July 21, 2025, targeting financial, manufacturing, defense, and logistics companies in Europe and Canada. The aim of the attacks was<\/p>\n","protected":false},"author":5,"featured_media":7453,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[148],"tags":[],"class_list":["post-7449","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v26.2 (Yoast SEO v27.3) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>ESET Research: Russian RomCom group exploits new vulnerability, targets companies in Europe and Canada - ESET Eesti Blogi<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/blog.eset.ee\/et\/en\/2025\/08\/25\/eset-research-russian-romcom-group-exploits-new-vulnerability-targets-companies-in-europe-and-canada\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"ESET Research: Russian RomCom group exploits new vulnerability, targets companies in Europe and Canada\" \/>\n<meta property=\"og:description\" content=\"BRATISLAVA\u00a0\u2014\u00a0August, 2025\u00a0\u2014 ESET researchers have discovered a previously unknown vulnerability in WinRAR, exploited in the wild by Russia-aligned group RomCom. According to ESET telemetry, malicious archives were used in spearphishing campaigns between July 18 to July 21, 2025, targeting financial, manufacturing, defense, and logistics companies in Europe and Canada. The aim of the attacks was\" \/>\n<meta property=\"og:url\" content=\"https:\/\/blog.eset.ee\/et\/en\/2025\/08\/25\/eset-research-russian-romcom-group-exploits-new-vulnerability-targets-companies-in-europe-and-canada\/\" \/>\n<meta property=\"og:site_name\" content=\"ESET Eesti Blogi\" \/>\n<meta property=\"article:publisher\" content=\"http:\/\/www.facebook.com\/antiviirus\" \/>\n<meta property=\"article:published_time\" content=\"2025-08-25T12:18:56+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-08-25T12:19:03+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/blog.eset.ee\/wp-content\/uploads\/2025\/08\/1920x1080.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1920\" \/>\n\t<meta property=\"og:image:height\" content=\"1080\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"ESET Blog\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"ESET Blog\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2025\\\/08\\\/25\\\/eset-research-russian-romcom-group-exploits-new-vulnerability-targets-companies-in-europe-and-canada\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2025\\\/08\\\/25\\\/eset-research-russian-romcom-group-exploits-new-vulnerability-targets-companies-in-europe-and-canada\\\/\"},\"author\":{\"name\":\"ESET Blog\",\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/#\\\/schema\\\/person\\\/876cf293277fc0b2ae2f4395fffe4c88\"},\"headline\":\"ESET Research: Russian RomCom group exploits new vulnerability, targets companies in Europe and Canada\",\"datePublished\":\"2025-08-25T12:18:56+00:00\",\"dateModified\":\"2025-08-25T12:19:03+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2025\\\/08\\\/25\\\/eset-research-russian-romcom-group-exploits-new-vulnerability-targets-companies-in-europe-and-canada\\\/\"},\"wordCount\":650,\"image\":{\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2025\\\/08\\\/25\\\/eset-research-russian-romcom-group-exploits-new-vulnerability-targets-companies-in-europe-and-canada\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/blog.eset.ee\\\/wp-content\\\/uploads\\\/2025\\\/08\\\/1920x1080.jpg\",\"articleSection\":[\"cybersecurity\"],\"inLanguage\":\"en-US\",\"copyrightYear\":\"2025\",\"copyrightHolder\":{\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/#organization\"}},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2025\\\/08\\\/25\\\/eset-research-russian-romcom-group-exploits-new-vulnerability-targets-companies-in-europe-and-canada\\\/\",\"url\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2025\\\/08\\\/25\\\/eset-research-russian-romcom-group-exploits-new-vulnerability-targets-companies-in-europe-and-canada\\\/\",\"name\":\"ESET Research: Russian RomCom group exploits new vulnerability, targets companies in Europe and Canada - ESET Eesti Blogi\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2025\\\/08\\\/25\\\/eset-research-russian-romcom-group-exploits-new-vulnerability-targets-companies-in-europe-and-canada\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2025\\\/08\\\/25\\\/eset-research-russian-romcom-group-exploits-new-vulnerability-targets-companies-in-europe-and-canada\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/blog.eset.ee\\\/wp-content\\\/uploads\\\/2025\\\/08\\\/1920x1080.jpg\",\"datePublished\":\"2025-08-25T12:18:56+00:00\",\"dateModified\":\"2025-08-25T12:19:03+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/#\\\/schema\\\/person\\\/876cf293277fc0b2ae2f4395fffe4c88\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2025\\\/08\\\/25\\\/eset-research-russian-romcom-group-exploits-new-vulnerability-targets-companies-in-europe-and-canada\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2025\\\/08\\\/25\\\/eset-research-russian-romcom-group-exploits-new-vulnerability-targets-companies-in-europe-and-canada\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2025\\\/08\\\/25\\\/eset-research-russian-romcom-group-exploits-new-vulnerability-targets-companies-in-europe-and-canada\\\/#primaryimage\",\"url\":\"https:\\\/\\\/blog.eset.ee\\\/wp-content\\\/uploads\\\/2025\\\/08\\\/1920x1080.jpg\",\"contentUrl\":\"https:\\\/\\\/blog.eset.ee\\\/wp-content\\\/uploads\\\/2025\\\/08\\\/1920x1080.jpg\",\"width\":1920,\"height\":1080},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2025\\\/08\\\/25\\\/eset-research-russian-romcom-group-exploits-new-vulnerability-targets-companies-in-europe-and-canada\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"ESET Research: Russian RomCom group exploits new vulnerability, targets companies in Europe and Canada\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/#website\",\"url\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/\",\"name\":\"ESET Eesti Blogi\",\"description\":\"Uudised IT maailmast\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/#\\\/schema\\\/person\\\/876cf293277fc0b2ae2f4395fffe4c88\",\"name\":\"ESET Blog\",\"sameAs\":[\"http:\\\/\\\/eset.ee\"],\"url\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/author\\\/allankinsigo\\\/\"},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2025\\\/08\\\/25\\\/eset-research-russian-romcom-group-exploits-new-vulnerability-targets-companies-in-europe-and-canada\\\/#local-main-organization-logo\",\"url\":\"\",\"contentUrl\":\"\",\"caption\":\"ESET EESTI\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"ESET Research: Russian RomCom group exploits new vulnerability, targets companies in Europe and Canada - ESET Eesti Blogi","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/blog.eset.ee\/et\/en\/2025\/08\/25\/eset-research-russian-romcom-group-exploits-new-vulnerability-targets-companies-in-europe-and-canada\/","og_locale":"en_US","og_type":"article","og_title":"ESET Research: Russian RomCom group exploits new vulnerability, targets companies in Europe and Canada","og_description":"BRATISLAVA\u00a0\u2014\u00a0August, 2025\u00a0\u2014 ESET researchers have discovered a previously unknown vulnerability in WinRAR, exploited in the wild by Russia-aligned group RomCom. According to ESET telemetry, malicious archives were used in spearphishing campaigns between July 18 to July 21, 2025, targeting financial, manufacturing, defense, and logistics companies in Europe and Canada. The aim of the attacks was","og_url":"https:\/\/blog.eset.ee\/et\/en\/2025\/08\/25\/eset-research-russian-romcom-group-exploits-new-vulnerability-targets-companies-in-europe-and-canada\/","og_site_name":"ESET Eesti Blogi","article_publisher":"http:\/\/www.facebook.com\/antiviirus","article_published_time":"2025-08-25T12:18:56+00:00","article_modified_time":"2025-08-25T12:19:03+00:00","og_image":[{"width":1920,"height":1080,"url":"https:\/\/blog.eset.ee\/wp-content\/uploads\/2025\/08\/1920x1080.jpg","type":"image\/jpeg"}],"author":"ESET Blog","twitter_card":"summary_large_image","twitter_misc":{"Written by":"ESET Blog","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/blog.eset.ee\/et\/en\/2025\/08\/25\/eset-research-russian-romcom-group-exploits-new-vulnerability-targets-companies-in-europe-and-canada\/#article","isPartOf":{"@id":"https:\/\/blog.eset.ee\/et\/en\/2025\/08\/25\/eset-research-russian-romcom-group-exploits-new-vulnerability-targets-companies-in-europe-and-canada\/"},"author":{"name":"ESET Blog","@id":"https:\/\/blog.eset.ee\/et\/en\/#\/schema\/person\/876cf293277fc0b2ae2f4395fffe4c88"},"headline":"ESET Research: Russian RomCom group exploits new vulnerability, targets companies in Europe and Canada","datePublished":"2025-08-25T12:18:56+00:00","dateModified":"2025-08-25T12:19:03+00:00","mainEntityOfPage":{"@id":"https:\/\/blog.eset.ee\/et\/en\/2025\/08\/25\/eset-research-russian-romcom-group-exploits-new-vulnerability-targets-companies-in-europe-and-canada\/"},"wordCount":650,"image":{"@id":"https:\/\/blog.eset.ee\/et\/en\/2025\/08\/25\/eset-research-russian-romcom-group-exploits-new-vulnerability-targets-companies-in-europe-and-canada\/#primaryimage"},"thumbnailUrl":"https:\/\/blog.eset.ee\/wp-content\/uploads\/2025\/08\/1920x1080.jpg","articleSection":["cybersecurity"],"inLanguage":"en-US","copyrightYear":"2025","copyrightHolder":{"@id":"https:\/\/blog.eset.ee\/et\/#organization"}},{"@type":"WebPage","@id":"https:\/\/blog.eset.ee\/et\/en\/2025\/08\/25\/eset-research-russian-romcom-group-exploits-new-vulnerability-targets-companies-in-europe-and-canada\/","url":"https:\/\/blog.eset.ee\/et\/en\/2025\/08\/25\/eset-research-russian-romcom-group-exploits-new-vulnerability-targets-companies-in-europe-and-canada\/","name":"ESET Research: Russian RomCom group exploits new vulnerability, targets companies in Europe and Canada - ESET Eesti Blogi","isPartOf":{"@id":"https:\/\/blog.eset.ee\/et\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/blog.eset.ee\/et\/en\/2025\/08\/25\/eset-research-russian-romcom-group-exploits-new-vulnerability-targets-companies-in-europe-and-canada\/#primaryimage"},"image":{"@id":"https:\/\/blog.eset.ee\/et\/en\/2025\/08\/25\/eset-research-russian-romcom-group-exploits-new-vulnerability-targets-companies-in-europe-and-canada\/#primaryimage"},"thumbnailUrl":"https:\/\/blog.eset.ee\/wp-content\/uploads\/2025\/08\/1920x1080.jpg","datePublished":"2025-08-25T12:18:56+00:00","dateModified":"2025-08-25T12:19:03+00:00","author":{"@id":"https:\/\/blog.eset.ee\/et\/en\/#\/schema\/person\/876cf293277fc0b2ae2f4395fffe4c88"},"breadcrumb":{"@id":"https:\/\/blog.eset.ee\/et\/en\/2025\/08\/25\/eset-research-russian-romcom-group-exploits-new-vulnerability-targets-companies-in-europe-and-canada\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/blog.eset.ee\/et\/en\/2025\/08\/25\/eset-research-russian-romcom-group-exploits-new-vulnerability-targets-companies-in-europe-and-canada\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blog.eset.ee\/et\/en\/2025\/08\/25\/eset-research-russian-romcom-group-exploits-new-vulnerability-targets-companies-in-europe-and-canada\/#primaryimage","url":"https:\/\/blog.eset.ee\/wp-content\/uploads\/2025\/08\/1920x1080.jpg","contentUrl":"https:\/\/blog.eset.ee\/wp-content\/uploads\/2025\/08\/1920x1080.jpg","width":1920,"height":1080},{"@type":"BreadcrumbList","@id":"https:\/\/blog.eset.ee\/et\/en\/2025\/08\/25\/eset-research-russian-romcom-group-exploits-new-vulnerability-targets-companies-in-europe-and-canada\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/blog.eset.ee\/et\/en\/"},{"@type":"ListItem","position":2,"name":"ESET Research: Russian RomCom group exploits new vulnerability, targets companies in Europe and Canada"}]},{"@type":"WebSite","@id":"https:\/\/blog.eset.ee\/et\/en\/#website","url":"https:\/\/blog.eset.ee\/et\/en\/","name":"ESET Eesti Blogi","description":"Uudised IT maailmast","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/blog.eset.ee\/et\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/blog.eset.ee\/et\/en\/#\/schema\/person\/876cf293277fc0b2ae2f4395fffe4c88","name":"ESET Blog","sameAs":["http:\/\/eset.ee"],"url":"https:\/\/blog.eset.ee\/et\/en\/author\/allankinsigo\/"},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blog.eset.ee\/et\/en\/2025\/08\/25\/eset-research-russian-romcom-group-exploits-new-vulnerability-targets-companies-in-europe-and-canada\/#local-main-organization-logo","url":"","contentUrl":"","caption":"ESET EESTI"}]}},"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/posts\/7449","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/comments?post=7449"}],"version-history":[{"count":0,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/posts\/7449\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/media\/7453"}],"wp:attachment":[{"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/media?parent=7449"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/categories?post=7449"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/tags?post=7449"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}