Windows flaw CVE-2025-24054 actively exploited since March 19 to leak NTLM hashes via phishing attacks.