A critical vulnerability in Windows Server 2025 that enables attackers to compromise any user in Active Directory, including highly privileged accounts. Dubbed “BadSuccessor,” this attack exploits a feature called delegated Managed Service Accounts (dMSA) and works by default in environments with at least one Windows Server 2025 domain controller. Akamai researcher Yuval Gordon, who discovered […]
The post New Attack Exploits dMSA in Windows Server 2025 to Compromise Any Active Directory Users appeared first on Cyber Security News.
This article has been indexed from Cyber Security News