Bleeping Computer

Critical Erlang/OTP SSH pre-auth RCE is 'Surprisingly Easy' to exploit, patch now

A critical vulnerability in the Erlang/OTP SSH, tracked as CVE-2025-32433, has been disclosed that allows for unauthenticated remote code execution on vulnerable devices. The flaw was discovered by ...
CNET

New SSH Exploit Can Affect Mac OS X

According to a post on the Full Disclosure mailing list, a new SSH exploit has been found that can potentially allow someone to remotely access the target computer as root. This security hole affects ...
CSOonline

Public exploits already available for a severity 10 Erlang SSH vulnerability; patch now

Impacted devices are pervasive in IoT and telecom, and attackers exploiting the vulnerability can easily gain full access, giving them free rein on a network. Experts are urging enterprises to ...
CSOonline

Hackers exploit unpatched Erlang/OTP to crack OT firewalls

A max-severity RCE vulnerability in Erlang’s OTP SSH daemon, CVE-2025-32433, was actively exploited in OT networks across six countries, targeting firewalls in critical infrastructure sectors. A ...
Dark Reading

10 Steps to Detect, Prevent, and Remediate the Terrapin Vulnerability

New vulnerabilities emerge into the spotlight almost daily, capturing the public's attention for a fleeting moment before the next sinister incident comes along. This time, the Terrapin vulnerability ...
Bleeping Computer

Exploit released for critical VMware SSH auth bypass vulnerability

Proof-of-concept exploit code has been released for a critical SSH authentication bypass vulnerability in VMware's Aria Operations for Networks analysis tool (formerly known as vRealize Network ...
Ars Technica

Damnit Apple, Patch SSH

It has been almost a week since the SSH exploit/patch came out. This is getting a little ridiculous. I can't completely tell how serious this hole is, but I don't feel too safe leaving SSH enabled on ...