A critical vulnerability, CVE-2025-2704, in OpenVPN versions 2.6.1 to 2.6.13 can crash servers and disrupt communications. It affects configurations using the –tls-crypt-v2 option, requiring a valid client key or traffic injection for exploitation. OpenVPN 2.6.14 addresses the issue. Organizations are urged to upgrade or disable this option to enhance security and prevent denial of service attacks.
OpenSSH 10.0 Released With Protocol Changes & Security Upgrades
OpenSSH 10.0, released on April 9, 2025, introduces crucial security enhancements, including the hybrid post-quantum algorithm mlkem768x25519-sha256 as the default for key agreement. It fully
