Specially crafted Windows 10 themes and theme packs can be used in ‘Pass-the-Hash’ attacks to steal Windows account credentials from unsuspecting users. Windows allows users to create custom themes that contain customized colors, sounds, mouse cursors, and the wallpaper that the operating system will use. Windows will automatically try to login to the remote system by sending the Windows user’s login name and an NTLM hash of their password. The attacker can then harvest the credentials and dehash the password using special scripts.
Source: https://www.bleepingcomputer.com/news/microsoft/windows-10-themes-can-be-abused-to-steal-windows-passwords/