CVE-2025-30095 - Dropbear Host Key Reuse Exposes VyOS and Debian-based Systems to SSH MITM Attacks
In early 2025, a serious security weakness has been revealed affecting VyOS versions 1.3 through 1.5 (with a fix in 1.4.2)
CVE-2025-25728 - Bosscomm IF740 Firmware Leak Exposes Sensitive Data in Plaintext API Calls
In early 2025, cybersecurity researchers disclosed a critical vulnerability—CVE-2025-25728—in the Bosscomm IF740 IoT device. This problem affects devices running Firmware versions 11001.7078
CVE-2025-26465 - OpenSSH's VerifyHostKeyDNS Flaw Enables Complex Machine-in-the-Middle Attack
In early 2025, a new security vulnerability was discovered in OpenSSH. Tracked as CVE-2025-26465, this issue impacts OpenSSH clients when the VerifyHostKeyDNS option is turned
CVE-2025-1146 - CrowdStrike Falcon TLS Validation Vulnerability Exposed
CrowdStrike is a leading cybersecurity platform trusted by organizations around the globe. Its Falcon sensor is deployed widely, especially on Linux servers and within Kubernetes
CVE-2024-12797 - How a Raw Public Key TLS Authentication Bug in OpenSSL Can Let MITM Attacks Slip Through
---
Introduction
In March 2024, a significant vulnerability—CVE-2024-12797—was disclosed in OpenSSL affecting some clients using RFC725 Raw Public Keys (RPK) for TLS or
Episode
00:00:00
00:00:00