Mastodawn

theschles Mar 30, 2024

If the reporting is correct, a back door for the XZ compression library only made it to somewhat on the edge Linux distributions (Debian Testing & Unstable and Fedora Rawhide/41 to name a couple). Still, no bueno: https://hackaday.com/2024/03/29/security-alert-potential-ssh-backdoor-via-liblzma/ #LinuxSecurity #SSHBackdoor #Cybersecurity

Security Alert: Potential SSH Backdoor Via Liblzma

In breaking news that dropped just after our weekly security column went live, a backdoor has been discovered in the xz package, that could potentially compromise SSH logins on Linux systems. The m…

Hackaday

ITSEC News Jan 6, 2021

Cybercriminals Ramp Up Exploits Against Serious Zyxel Flaw - More than 100,000 Zyxel networking products could be vulnerable to a hardcoded credential vulnerab... https://threatpost.com/cybercriminals-exploits-zyxel-flaw/162789/ #networkingdevice #vulnerabilities #activescanning #cve-2020-29583 #routertakeover #activeexploit #cybercriminal #vulnerability #sshbackdoor #firewalls #exploit #hacks #zyfwp #zyxel #vpn

Cybercriminals Ramp Up Exploits Against Serious Zyxel Flaw

More than 100,000 Zyxel networking products could be vulnerable to a hardcoded credential vulnerability (CVE-2020-29583) potentially allowing cybercriminal device takeover.

Threatpost - English - Global - threatpost.com