Home > Security Alerts > New Attack Chains Ghost SPNs and Kerberos Reflection to Elevate SMB Privileges

New Attack Chains Ghost SPNs and Kerberos Reflection to Elevate SMB Privileges

November 1, 2025 Saturday

CVE-2025-58726 – Ghost SPNs service names referencing hostnames that don’t resolve in DNS create exploitable attack surfaces in Active Directory environments.

Latest News

HKU Connect alumni email accounts will be migrated to the Graduate M365 platform

Transition from Classic to Revamped HKU Portal: Pilot Run

2025 Awareness Week - AI in Personal Data Protection & Cybersecurity

HKU Graduate Linux accounts transition to M365 Exchange Online (EXO) platform and the way to activate Graduate Email account on EXO platform

Invitation for UAT of HKU Portal for Students

Popular Services:

uPrint
Study Rooms in Learning Commons
Software Download
Application
HKU Virtual Private Network (HKUVPN)

New Attack Chains Ghost SPNs and Kerberos Reflection to Elevate SMB Privileges

About ITS

Alerts

Service Request & Support