Microsoft disclosed a vulnerability, CVE-2025-26633, affecting the Microsoft Management Console (MMC). A known threat actor called EncryptHub is exploiting it.