CVE-2025-24054: "Challenge Accepted"
CybersecurityVulnerabilitiesAPT GroupsGovernment Targets
This content is an AI-generated summary. If you encounter any misinformation or problematic content, please report it to cyb.hub@proton.me.
Microsoft classified the vulnerability CVE-2025-24054 as "less likely to be exploited" during Patch Tuesday. However, just eight days later, this vulnerability was exploited against government targets in Poland and Romania. A video explains how a simple .library-ms file can disclose your NTLM hash with a single click. The attack is potentially linked to the Russian-backed group APT28, known as Fancy Bear.