News · 122 articles
News
Latest cybersecurity news — hacks, breaches, vulnerabilities, regulatory moves
News
XZ Utils Backdoor (CVE-2024-3094) — How a Two-Year Social Engineering Operation Almost Backdoored Linux SSH: The Closest Call in Open Source History
A patient, two-year social-engineering campaign by an attacker called "Jia Tan" inserted a sophisticated backdoor into XZ Utils that would have given…
NewsregreSSHion (CVE-2024-6387) — How a Reintroduced 18-Year-Old Bug Made 14M OpenSSH Servers Vulnerable to Pre-Auth RCE: Anatomy & Lessons
A signal handler race condition reintroduced into OpenSSH in version 8.5p1 (2020) created a pre-authentication remote code execution vulnerability affecting approximately 14…