Attachment: WinRAR CVE-2025-8088 exploitation

Sublime Rules

Summary
This detection rule is designed to identify attempts to exploit CVE-2025-8088 through malicious RAR attachments. It monitors inbound traffic for any attachment recognized as a RAR file, whether by its content type, file extension, or detected file type. It also requires the file to be under 10 megabytes, which reduces the chance of spending time exploding large benign RAR archives. The core mechanism is exploding the RAR file once it is detected, that is, extracting its contents so they can be analyzed. Any YARA match for the signature "WinRAR_CVE_2025_8088" on the extracted contents indicates a potential exploitation attempt. When all of these conditions are met, the rule raises an alert for further investigation and assigns it high severity because of the attachment's potential to deliver malware or ransomware.
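The decision logic described above, re-implemented as a stand-alone Python function so the conditions can be tested against sample messages. This is an added example, not the Sublime rule itself; the message and attachment fields, the set of RAR content types, and the list of YARA match names are assumptions for the example.

```python
# Added example: the rule's decision logic, not the Sublime rule's own code.
# Message/attachment shape and YARA results are constructed assumptions.
from dataclasses import dataclass, field

# Assumed content types a mail pipeline might report for a RAR attachment.
RAR_CONTENT_TYPES = {"application/x-rar-compressed", "application/vnd.rar"}
RAR_EXTENSIONS = {"rar"}
RAR_FILE_TYPES = {"rar"}
MAX_SIZE_BYTES = 10 * 1024 * 1024      # the rule only explodes archives under 10 MB
TARGET_SIGNATURE = "WinRAR_CVE_2025_8088"  # YARA rule name from the summary


@dataclass
class Attachment:
    file_name: str
    content_type: str
    file_type: str            # detected type (e.g. from magic bytes), assumed field
    size: int                 # size in bytes
    # Names of YARA rules that matched any file extracted from the archive.
    # In the real pipeline these come from exploding and scanning the archive.
    yara_matches: list = field(default_factory=list)


@dataclass
class Message:
    direction: str            # "inbound" or "outbound"
    attachments: list


def looks_like_rar(a: Attachment) -> bool:
    """RAR by content type, extension, or detected file type; any one suffices."""
    ext = a.file_name.rsplit(".", 1)[-1].lower() if "." in a.file_name else ""
    return (a.content_type.lower() in RAR_CONTENT_TYPES
            or ext in RAR_EXTENSIONS
            or a.file_type.lower() in RAR_FILE_TYPES)


def matches_rule(msg: Message) -> bool:
    """True when the message satisfies every condition the rule summary lists."""
    if msg.direction != "inbound":
        return False
    for a in msg.attachments:
        # Skip non-RAR attachments and archives at or above the size limit
        # before looking at the YARA results for the exploded contents.
        if not looks_like_rar(a) or a.size >= MAX_SIZE_BYTES:
            continue
        if TARGET_SIGNATURE in a.yara_matches:
            return True
    return False
```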
Categories
  • Endpoint
  • Cloud
  • Web
Data Sources
  • File
  • Process
  • Network Traffic
Created: 2025-08-13