Security News > 2025 > April > Windows NTLM hash leak flaw exploited in phishing attacks on governments

2025-04-17 19:20
A Windows vulnerability that exposes NTLM hashes using .library-ms files is now actively exploited by hackers in phishing campaigns targeting government entities and private companies. [...]
News URL
Related news
- New Windows zero-day leaks NTLM hashes, gets unofficial patch (source)
- Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054) (source)
- Ukrainian military targeted in new Signal spear-phishing attacks (source)
- EncryptHub linked to MMC zero-day attacks on Windows systems (source)
- Phishing platform 'Lucid' behind wave of iOS, Android SMS attacks (source)
- iOS devices face twice the phishing attacks of Android (source)
- CVE-2025-24054 Under Active Attack—Steals NTLM Credentials on File Download (source)
- Three Reasons Why the Browser is Best for Stopping Phishing Attacks (source)
- Phishing detection is broken: Why most attacks feel like a zero day (source)
- DPRK Hackers Steal $137M from TRON Users in Single-Day Phishing Attack (source)