Bleeping Computer

Windows 10 themes can be abused to steal Windows passwords

Specially crafted Windows 10 themes and theme packs can be used in 'Pass-the-Hash' attacks to steal Windows account credentials from unsuspecting users. Windows allows users to create custom themes ...
techtimes

Microsoft Outlook Security Flaw Exposed: NTLM v2 Passwords at Risk

A recently addressed security flaw in Microsoft Outlook has been identified as a significant threat, potentially allowing threat actors to exploit it to gain access to NT LAN Manager (NTLM) v2 hashed ...
News9Live on MSN

Windows Snipping Tool flaw exposed: PoC exploit leaks NTLM hashes silently

A critical Windows Snipping Tool vulnerability (CVE-2026-33829) allows attackers to steal Net-NTLM hashes through malicious links. The flaw exploits improper handling of deep link URIs, triggering ...
Infosecurity-magazine.com

TA577 Exploits NTLM Authentication Vulnerability

Cybersecurity researchers at Proofpoint have uncovered a new tactic employed by cybercriminal threat actor TA577, shedding light on a lesser-seen objective in their operations. The group was found ...
Dark Reading

How to Protect Your Environment From the NTLM Vulnerability

A new zero-day vulnerability in NTLM discovered by researchers at 0patch allows attackers to steal NTLM credentials by having a user view a specially crafted malicious file in Windows Explorer — no ...
Dark Reading

Microsoft NTLM Zero-Day to Remain Unpatched Until April

Microsoft has released fresh guidance to organizations on how to mitigate NTLM relay attacks by default, days after researchers reported finding a NTLM hash disclosure zero-day in all versions of ...
Bleeping Computer

Microsoft shares mitigations for new PetitPotam NTLM relay attack

Microsoft has released mitigations for the new PetitPotam NTLM relay attack that allows taking over a domain controller or other Windows servers. PetitPotam is a new method that can be used to conduct ...