Threat Group: Unattributed (suspected infrastructure overlap with APT28); prior similar CVE exploited by UAC-0194 and Blind Eagle (APT-C-36) Threat Type: NTLM Hash Theft, Relay Attack Vector Exploited Vulnerabilities: CVE-2025-24054 (NTLM Hash Disclosure via .library-ms), variant of CVE-2024-43451 Malware Used: None directly tied; secondary payloads possible (RATs, e.g., SparkRAT in