Old tech, new vulnerabilities: NTLM abuse, ongoing exploitation in 2025
Securelist
Actively Exploited
Summary
The article highlights the ongoing exploitation of NTLM-related vulnerabilities, such as NTLM relay and credential forwarding, in 2025. These vulnerabilities pose significant security risks, indicating a need for urgent attention from cybersecurity professionals to mitigate potential attacks.
Impact
Not specified
In the Wild
Yes
Timeline
Ongoing since 2025
Remediation
Implement security best practices for NTLM, disable NTLM where possible, and monitor for suspicious authentication activities.