Dark Reading

Multiple Groups Exploit NTLM Flaw in Microsoft Windows

Multiple attackers are actively exploiting a recently patched Windows vulnerability that exposes authentication credentials, despite Microsoft releasing a fix for it in March. CVE-2025-24054 is an ...
Bleeping Computer

Microsoft Word subDoc Feature Abused to Steal Windows Credentials

The security research team at Rhino Labs, a US-based cyber-security company, has discovered that malicious actors can use a lesser-known Microsoft Word feature called subDoc to trick Windows computers ...