Phishing campaigns abuse Windows NTLM hash leak bug

BleepingComputer reports that government organizations and private firms have been subjected to attacks exploiting the recently patched Windows NTLM hash leak vulnerability, tracked as CVE-2025-24054, as part of separate phishing campaigns between Mar. 20 and Mar. 25, with one of the identified IP addresses associated with Russian state-backed threat operation APT28, also known as Fancy Bear.

Introduction to Malware Binary Triage (IMBT) Course

Looking to level up your skills? Get 10% off using coupon code: MWNEWS10 for any flavor.

Enroll Now and Save 10%: Coupon Code MWNEWS10

Note: Affiliate link – your enrollment helps support this platform at no extra cost to you.

Article Link: https://www.scworld.com/brief/phishing-campaigns-abuse-windows-ntlm-hash-leak-bug