17 matches found
Microsoft - NTLMv2 Hash Capture
Titles: Microsoft - NTLMv2 Hash Capture Author: nu11secur1ty Date: 2026-05-27 Vendor: Microsoft Software: Windows Shell File Explorer Reference: https://nvd.nist.gov/vuln/detail/CVE-2026-32202 Description: A spoofing vulnerability in Windows Shell File Explorer allows an attacker to capture NTLMv...
EUVD-2025-9302
Malicious code in bioql PyPI...
Right-Click Execution - Windows LNK File Special UNC Path NTLM Leak
This module creates a malicious Windows shortcut LNK file that specifies a special UNC path in EnvironmentVariableDataBlock of Shell Link .LNK that can trigger an authentication attempt to a remote server. This can be used to harvest NTLM authentication credentials. When a victim right-click the...
Microsoft Windows 10.0.19045 - NTLMv2 Hash Disclosure
Exploit Title: Microsoft Windows 10.0.19045 - NTLMv2 Hash Disclosure Date: 13/08/2025 Exploit Author: Ruben Enkaoua Author link: https://x.com/RubenLabs, https://github.com/rubenformation Original Blog: https://cymulate.com/blog/zero-click-one-ntlm-microsoft-security-patch-bypass-cve-2025-50154/...
📄 Microsoft Internet Shortcut Malicious URL
This Metasploit module exploits CVE-2025-33053 by generating a malicious .URL file pointing to a trusted LOLBAS binary with parameters designed to trigger unintended behavior. Optionally, a payload is generated and hosted on a specified WebDAV directory. When the victim opens the shortcut, it wil...
CVE-2025-3033
After selecting a malicious Windows .url shortcut from the local filesystem, an unexpected file could be uploaded. This bug only affects Firefox on Windows. Other operating systems are unaffected. This vulnerability affects Firefox 137 and Thunderbird 137...
CVE-2025-3033
After selecting a malicious Windows .url shortcut from the local filesystem, an unexpected file could be uploaded. This bug only affects Firefox on Windows. Other operating systems are unaffected. This vulnerability affects Firefox 137 and Thunderbird 137...
CVE-2025-3033
After selecting a malicious Windows .url shortcut from the local filesystem, an unexpected file could be uploaded. This bug only affects Firefox on Windows. Other operating systems are unaffected.. This vulnerability was fixed in Firefox 137 and Thunderbird 137...
Mozilla Firefox和Mozilla Thunderbird 安全漏洞
Mozilla Firefox and Mozilla Thunderbird are both products of the Mozilla Foundation in the U.S. Mozilla Firefox is an open-source Web browser.Mozilla Thunderbird is a separate set of Mozilla Application Suite Email client software. The software supports IMAP, POP mail protocols, and HTML mail...
YoroTrooper Stealing Credentials and Information from Government and Energy Organizations
A previously undocumented threat actor dubbed YoroTrooper has been targeting government, energy, and international organizations across Europe as part of a cyber espionage campaign that has been active since at least June 2022. "Information stolen from successful compromises include credentials...
New Research Delves into the World of Malicious LNK Files and Hackers Behind Them
Cybercriminals are increasingly leveraging malicious LNK files as an initial access method to download and execute payloads such as Bumblebee, IcedID, and Qakbot. A recent study by cybersecurity experts has shown that it is possible to identify relationships between different threat actors by...
New LNK attack tied to Higaisa APT discovered
This post was authored by Hossein Jazi and Jérôme Segura On May 29th, we identified an attack that we believe is part of a new campaign from an Advanced Persistent Threat actor known as Higaisa. The Higaisa APT is believed to be tied to the Korean peninsula, and was first disclosed by Tencent...
Microsoft Windows and Microsoft Windows Server Remote Code Execution Vulnerability
Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. A remote code execution vulnerability exists in Microsoft Windows and Microsoft Windows...
CVE-2019-1188
A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user...
Microsoft Windows LNK File Remote Code Execution Vulnerability
Microsoft Windows is a family of operating systems released by Microsoft Corporation in the United States. lnk files are a type of file used to point to other files. A remote code execution vulnerability exists in Microsoft Windows LNK files. A malicious binary file containing a malicious LNK fil...
XSS in page editor via Shortcut links
Steps to reproduce: 1. add new shortcuts with default alias like "". 2. by typing searchterms@aliasname in page editor you can trigger XSS By replacing existing shortcut with malicious one, we can easily exploit multiple users using this functionality...
Microsoft Windows Malicious Shortcut Handling Remote Code Execution Variant Vulnerability
Description Microsoft Windows is prone to a remote code execution vulnerability when handling a malicious shortcut .lnk file. An attacker can exploit this issue by crafting a malicious file and placing it on a Web site or sending it to a user through email followed by enticing them to open it and...