WinRAR 0-day that uses poisoned JPG and TXT files under exploit since April
arstechnica.com
Vulnerability allows hackers to execute malicious code when targets open malicious ZIP files.