Security Boulevard

Preventing Breaches – MFA on Remote Access to Linux, Unix, and Infrastructure Systems

Most breaches don’t start with malware or zero-day exploits. They start with a login.  An attacker gets hold of a password, maybe through phishing, reuse, or a leaked credential dump. They test it ...
GizChina

Chinese Hackers Hijack Linux Network Devices via SSH

A Chinese hacking group, called Evasive Panda (or DaggerFly), has found a new way to attack Linux-based network devices. By using the SSH (Secure Shell) daemon, the group adds malware to systems, ...
Bleeping Computer

Critical Erlang/OTP SSH RCE bug now has public exploits, patch now

Public exploits are now available for a critical Erlang/OTP SSH vulnerability tracked as CVE-2025-32433, allowing unauthenticated attackers to remotely execute code on impacted devices. Researchers at ...
HHS

PumaBot Malware Targets Linux IoT Devices

A botnet targeting Internet of Things devices running on the Linux operating system works by brute forcing credentials and downloading cryptomining software. See Also: Cracking the Code: Securing ...
Bleeping Computer

Hackers infect Linux SSH servers with Tsunami botnet malware

An unknown threat actor is brute-forcing Linux SSH servers to install a wide range of malware, including the Tsunami DDoS (distributed denial of service) bot, ShellBot, log cleaners, privilege ...
ZDNet

The best SSH clients for MacOS

I regularly log in remotely to machines on my local area network. To do that, I use secure shell (SSH). I often default to the terminal but sometimes I prefer a graphical user interface (GUI) app that ...
Ars Technica

SSH protects the world’s most sensitive networks. It just got a lot weaker

Sometime around the start of 1995, an unknown person planted a password sniffer on the network backbone of Finland’s Helsinki University of Technology (now known as Aalto University). Once in place, ...