Bleeping Computer

Windows NTLM hash leak flaw exploited in phishing attacks on governments

A Windows vulnerability that exposes NTLM hashes using .library-ms files is now actively exploited by hackers in phishing campaigns targeting government entities and private companies. The flaw ...
Bleeping Computer

Hackers steal Windows NTLM authentication hashes in phishing attacks

The hacking group known as TA577 has recently shifted tactics by using phishing emails to steal NT LAN Manager (NTLM) authentication hashes to perform account hijacks. TA577 is considered an initial ...
Infosecurity-magazine.com

NTLM Hash Exploit Targets Poland and Romania Days After Patch

A vulnerability allowing attackers to leak NTLM authentication hashes with minimal user interaction has been actively exploited just days after Microsoft released a patch. The flaw, tracked as ...
Dark Reading

Multiple Groups Exploit NTLM Flaw in Microsoft Windows

Multiple attackers are actively exploiting a recently patched Windows vulnerability that exposes authentication credentials, despite Microsoft releasing a fix for it in March. CVE-2025-24054 is an ...
CSOonline

Malicious email campaign steals NTLM hashes

An initial access broker is able to grab authentication information when a victim opens the email attachments for access to Windows networks. A threat group that acts as an initial access broker is ...
Dark Reading

How to Protect Your Environment From the NTLM Vulnerability

A new zero-day vulnerability in NTLM discovered by researchers at 0patch allows attackers to steal NTLM credentials by having a user view a specially crafted malicious file in Windows Explorer — no ...