System Administration | Breaking Cybersecurity News | The Hacker News

Two security vulnerabilities have been discovered in the OpenSSH secure networking utility suite that, if successfully exploited, could result in an active machine-in-the-middle (MitM) and a denial-of-service (DoS) attack, respectively, under certain conditions. The vulnerabilities, detailed by the Qualys Threat Research Unit (TRU), are listed below - CVE-2025-26465 (CVSS score: 6.8)  - The OpenSSH client contains a logic error between versions 6.8p1 to 9.9p1 (inclusive) that makes it vulnerable to an active MitM attack if the VerifyHostKeyDNS option is enabled, allowing a malicious interloper to impersonate a legitimate server when a client attempts to connect to it (Introduced in December 2014) CVE-2025-26466 (CVSS score: 5.9) - The OpenSSH client and server are vulnerable to a pre-authentication DoS attack between versions 9.5p1 to 9.9p1 (inclusive) that causes memory and CPU consumption (Introduced in August 2023) "If an attacker can perform a man-in-the-middle a...

A group of hackers recently attacked and took offline several websites belonging to credit-card sharing groups, security experts, and other hacking communities that had neglected basic security practices. On Christmas morning, the administrators of six websites discovered their sites had been hacked. According to a newsletter published by the hackers on Dec. 25, the second issue of "Owned and Exposed" listed carders.cc, ettercap, exploit-db, backtrack, inj3ct0r, and free-hack as compromised sites. Free-hack was targeted for being "lame script kiddies," while the other sites had criminal ties or were security experts criticized for their poor security practices, as noted in the e-zine. Mati Aharoni, the administrator of exploit-db, a site cataloging known exploits and vulnerabilities, admitted the breach in a blog post but mentioned that the damage was minimal. "Other than our egos, the damage is not severe," Aharoni wrote. The hackers posted a copy of th...

Fedora 14, known as "Laughlin," officially launched on Tuesday, offering numerous new features aimed at enhancing the user experience for this open-source desktop operating system. Usability Focus In recent releases, Fedora, sponsored by Red Hat, has concentrated on improving usability. According to DistroWatch, Fedora is the second most popular Linux distribution after Ubuntu. Recent improvements have targeted networking, software management, and hardware support, focusing on bug fixes and stability in the latest release. Enhanced Desktop Environment One significant addition to Fedora 14 is "libjpegturbo," a library that dramatically improves performance for users loading and saving JPEG images. This library "practically halves processing time on most systems," claim the developers, even benefiting those on older hardware. Another notable feature is SPICE (Simple Protocol for Independent Computing Environment), a desktop virtualization framework enha...

I had the honor of hosting the first episode of the Xposure Podcast live from Xposure Summit 2025. And I couldn't have asked for a better kickoff panel: three cybersecurity leaders who don't just talk security, they live it. Let me introduce them. Alex Delay , CISO at IDB Bank, knows what it means to defend a highly regulated environment. Ben Mead , Director of Cybersecurity at Avidity Biosciences, brings a forward-thinking security perspective that reflects the innovation behind Avidity's targeted RNA therapeutics. Last but not least, Michael Francess , Director of Cybersecurity Advanced Threat at Wyndham Hotels and Resorts, leads the charge in protecting the franchise. Each brought a unique vantage point to a common challenge: applying Continuous Threat Exposure Management (CTEM) to complex production environments. Gartner made waves in 2023 with a bold prediction: organizations that prioritize CTEM will be three times less likely to be breached by 2026. But here's the kicker -...