Security News > 2025 > April > Windows NTLM hash leak flaw exploited in phishing attacks on governments

Windows NTLM hash leak flaw exploited in phishing attacks on governments

2025-04-17 19:20

A Windows vulnerability that exposes NTLM hashes using .library-ms files is now actively exploited by hackers in phishing campaigns targeting government entities and private companies. [...]

News URL

https://www.bleepingcomputer.com/news/security/windows-ntlm-hash-leak-flaw-exploited-in-phishing-attacks-on-governments/

#attack #leak #ntlm #phishing #windows

Related news

New Windows zero-day leaks NTLM hashes, gets unofficial patch (source)
Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054) (source)
FatalRAT Phishing Attacks Target APAC Industries Using Chinese Cloud Services (source)
Qilin ransomware claims attack at Lee Enterprises, leaks stolen data (source)
Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail (source)
YouTube warns of AI-generated video of its CEO used in phishing attacks (source)
Blind Eagle Hacks Colombian Institutions Using NTLM Flaw, RATs and GitHub-Based Attacks (source)
Ukrainian military targeted in new Signal spear-phishing attacks (source)
EncryptHub linked to MMC zero-day attacks on Windows systems (source)
Phishing platform 'Lucid' behind wave of iOS, Android SMS attacks (source)

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.