Security researchers identified a critical vulnerability (CVE-2023-38408) in OpenSSH’s agent forwarding feature, affecting versions before 9.3p2, with a CVE score of 9.8. It allows remote code execution on compromised systems via SSH agent forwarding. Recommended mitigations include upgrading to OpenSSH 9.3p2 and cautious use of PKCS#11 providers, highlighting the security risks in convenient features.
Who’s driving ransomware’s accelerated growth in 2025
The article examines the tactics used by the Internet Advertising Bureau (IAB), their connections to ransomware groups, and the services they provide.
