Tag

#ntlm

2 posts tagged #ntlm.

Analysis · May 11, 2026 · Colten Anderson

The CVSS 4.3 that APT28 was already using

Microsoft shipped the fix for CVE-2026-32202 without an exploitation flag while Russian state actors had a five-month head start. Vendor-tag triage missed it. The federal deadline is tomorrow.
Analysis · May 1, 2026 · Colten Anderson

A 4.3 that mattered: the 13-day gap between patch and exploitation flag

Microsoft patched CVE-2026-32202 on April 14 without marking it exploited. APT28 had been using it since at least December. The gap between those two facts is where triage models break.