A Windows NTLM vulnerability patched in March has been exploited in attacks targeting government and private institutions.

From zero-click iOS exploits to NTLM credential leaks and the 4Chan breach — this week’s cyber threats hit where trust runs ...

A Windows vulnerability that exposes NTLM hashes using .library-ms files is now actively exploited by hackers in phishing campaigns targeting government entities and private companies. The flaw ...

0patch has also disclosed other NTLM hash disclosure flaws in the past, like PetitPotam, PrinterBug/SpoolSample, and DFSCoerce, which are yet to receive a patch. Update March 25, 16:49 EDT: Added ...

In an Active Directory domain, a lot of interesting information can be retrieved via LDAP by any authenticated user (or machine). This makes LDAP an interesting protocol for gathering information in ...

A vulnerability in Windows that exposes NTLM hashes via .library-ms files is currently being actively exploited by hackers in phishing campaigns targeting government agencies and private companies.

该漏洞会影响 Windows 的 NTLM 身份验证协议，为未经授权的攻击者通过欺骗漏洞渗透系统创造了机会。 漏洞概述 此漏洞允许威胁行为者从外部控制 Windows NTLM 使用的文件名或路径，这可能会导致通过网络连接无意中泄露哈希凭据。 根据 Microsoft 的公告，与受害者 ...

A vulnerability allowing attackers to leak NTLM authentication hashes with minimal user interaction has been actively exploited just days after Microsoft released a patch. The flaw, tracked as ...

April 20, 2025: With word of an Easter update coming “soon,” we’re back to looking for new GPO codes. What are the new GPO codes? We’ve got the lot! Often topping the charts when it comes ...