SECURITYTHE HACKER NEWS
Unpatched Windows Search URI Vulnerability Lets Attackers Steal NTLMv2 Hashes
Cybersecurity researchers disclosed an unpatched vulnerability in the Windows search: URI handler that could allow attackers to steal NTLMv2 hashes. The issue is similar to CVE-2026-33829, which affected the Windows Snipping Tool's ms-screensketch: URI handler, and was identified by Huntress.
Mentioned
Related Signal
Adjacent reporting
- Fortinet Issues Emergency Patch for FortiClient Zero-Day
- PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257) Under Active Exploitation
- "Dirty Frag" (CVE-2026-43284): The Second Linux Root Exploit in Eight Days
- PAN-OS RCE Exploit Under Active Use Enabling Root Access and Espionage
- Severe Linux Copy Fail security flaw uncovered using AI scanning help
- KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike