Windows Server 2025’s delegated Managed Service Accounts have been impacted by a critical design vulnerability within its password-generation computation structure that could be leveraged for indefinite cross-domain lateral movement and persistence across managed service accounts and Active Directory resources through the new Golden dMSA attack technique, according to The Hacker News.
