SSH protocol flaw – Terrapin Attack CVE-2023-48795: All you need to knowjfrog.com3 points·by uraid·há 3 anos·0 comments
Attackers are starting to target .NET developers with malicious NuGet packagesjfrog.com1 points·by uraid·há 3 anos·0 comments
Examining OpenSSH Sandboxing and Privilege Separation – Attack Surface Analysisjfrog.com3 points·by uraid·há 3 anos·0 comments
OpenSSH Pre-Auth Double Free – Writeup and Proof-of-Conceptjfrog.com161 points·by uraid·há 3 anos·102 comments
uraid·há 3 anos·discussThis is exploitable in the latest Archlinux 2023.02.01. Also, this doesn't require enabling old key exchange algorithms.