OpenSSH – TheCyberThrone

RegreSSHion Vulnerability -CVE-2024-6387

Qualys has revealed details about a security vulnerability they have discovered within the OpenSSH server that could lead to remote, unauthenticated code execution. They have dubbed the vulnerability as "RegreSSHion"…

PravinKarthik July 1, 2024

Terrapin Attack in OpenSSH

Security researchers have identified a new threat targeting the integrity of Secure Shell (SSH) communications called as the Terrapin Attack. The Terrapin Attack is a prefix truncation assault against the…

PravinKarthik December 19, 2023

CVE-2023-38408: OpenSSH RCE Vulnerability

Researchers from Qualys Security has discovered a remote code execution vulnerability in OpenSSH’s forwarded ssh-agent tracked as CVE-2023-38408. OpenSSH is an open-source implementation of the SSH protocol, offers a robust…

PravinKarthik July 20, 2023

OpenSSH Trojanized Campaign

Researchers have discovered a sophisticated attack campaign that exploits custom and open-source tools to target Linux-based systems and IoT devices. The attack campaign involves a C2 that uses a subdomain…

PravinKarthik June 24, 2023

OpenSSH PreAuth Double Free Vulnerability ! Patch it

OpenSSH 9.2 version has been released to address several security bugs, including a memory safety vulnerability in the OpenSSH server (sshd). The memory safety bug tracked as CVE-2023-25136, the shortcoming…

PravinKarthik February 7, 2023