CVE-2025-24054, a Windows NTLM hash disclosure vulnerability that Microsoft has issued patches for last month, has been leveraged by threat actors in campaigns targeting government and private institutions in Poland and Romania. “Active exploitation in the wild has been observed since March 19, 2025, potentially allowing attackers to leak NTLM hashes or user passwords and compromise systems,” Check Point researchers have shared. About CVE-2025-24054 CVE-2025-24054 allows attackers to capture the NTLMv2 response (i.e., the NTLMv2-SSP … More
The post Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054) appeared first on Help Net Security.
This article has been indexed from Help Net Security