BleepingComputer reports that government organizations and private firms have been subjected to attacks exploiting the recently patched Windows NTLM hash leak vulnerability, tracked as CVE-2025-24054, as part of separate phishing campaigns between Mar. 20 and Mar. 25, with one of the identified IP addresses associated with Russian state-backed threat operation APT28, also known as Fancy Bear.
Introduction to Malware Binary Triage (IMBT) Course
Looking to level up your skills? Get 10% off using coupon code: MWNEWS10 for any flavor.
Enroll Now and Save 10%: Coupon Code MWNEWS10
Note: Affiliate link – your enrollment helps support this platform at no extra cost to you.
Article Link: https://www.scworld.com/brief/phishing-campaigns-abuse-windows-ntlm-hash-leak-bug