CVE-2025-24071 - Filter netNTLMv2 Credentials with a simple ZIP
In this blog post, a proof-of-concept (PoC) is presented that demonstrates how a malicious `.library-ms` file can be used to capture netNTLMv2 credentials without the need for the victim to interact with the file. Simply unzipping the file is enough to trigger the vulnerability (CVE-2025-24071).