Apr 192025 CVE-2025–24054 Under Active Attack—Steals NTLM Credentials on File Download Windows flaw CVE-2025–24054 actively exploited since March 19 to leak NTLM hashes via phishing attacks.