Security News > 2025 > April > Windows NTLM hash leak flaw exploited in phishing attacks on governments

2025-04-17 19:20
A Windows vulnerability that exposes NTLM hashes using .library-ms files is now actively exploited by hackers in phishing campaigns targeting government entities and private companies. [...]
News URL
Related news
- Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054) (source)
- iOS devices face twice the phishing attacks of Android (source)
- CVE-2025-24054 Under Active Attack—Steals NTLM Credentials on File Download (source)
- Three Reasons Why the Browser is Best for Stopping Phishing Attacks (source)
- Phishing detection is broken: Why most attacks feel like a zero day (source)
- DPRK Hackers Steal $137M from TRON Users in Single-Day Phishing Attack (source)
- Interlock ransomware claims DaVita attack, leaks stolen data (source)
- Low-tech phishing attacks are gaining ground (source)
- MintsLoader Drops GhostWeaver via Phishing, ClickFix — Uses DGA, TLS for Stealth Attacks (source)
- Play ransomware exploited Windows logging flaw in zero-day attacks (source)