CyberSecurityBoard
Sponsor Register Login

OpenSSH 10.0 Released With Protocol Changes & Security Upgrades

The release notes explain this change by stating that finite field Diffie-Hellman “is slow and computationally expensive for the same security level as Elliptic Curve DH or PQ key agreement while offering no redeeming advantages”. With its robust security improvements and forward-looking cryptographic defaults, OpenSSH 10.0 represents a significant advancement for secure remote connectivity in an increasingly security-conscious computing environment. This milestone version introduces substantial protocol changes, enhanced security features, and critical improvements to prepare for quantum computing threats. This separation ensures that “the crucial pre-authentication attack surface has an entirely disjoint address space from the code used for the rest of the connection,” significantly improving security isolation. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. This weak algorithm has been fully removed after repeated warnings over the past year, marking a significant step toward stronger security standards across the SSH ecosystem. The release also addresses a security vulnerability in the DisableForwarding directive, which previously failed to properly disable X11 forwarding and agent forwarding as documented. According to the release notes, this NIST-standardized algorithm “is guaranteed to be no less strong than the popular curve25519-sha256 algorithm” while offering better performance than previous defaults. Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. Users are encouraged to upgrade promptly to benefit from enhanced security features and improved functionality. OpenSSH 10.0, a significant update to the widely adopted secure remote login and file transfer toolset, was officially released on April 9, 2025. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

This Cyber News was published on cybersecuritynews.com. Publication date: Thu, 10 Apr 2025 05:21:00 +0000


Cyber News related to OpenSSH 10.0 Released With Protocol Changes & Security Upgrades

CVE-2018-0688 - Open redirect vulnerability in SEIKO EPSON printers and scanners (DS-570W firmware versions released prior to 2018 March 13, DS-780N firmware versions released prior to 2018 March 13, EP-10VA firmware versions released prior to 2017 September 4, ...
6 years ago
CVE-2018-0689 - HTTP header injection vulnerability in SEIKO EPSON printers and scanners (DS-570W firmware versions released prior to 2018 March 13, DS-780N firmware versions released prior to 2018 March 13, EP-10VA firmware versions released prior to 2017 September ...
6 years ago
Critical OpenSSH vulnerability could affect millions of servers - Qualys disclosed a critical OpenSSH vulnerability and warned that more than 14 million potentially vulnerable server instances are exposed to the internet. In a blog post on Monday, Bharat Jogi, senior director of Qualys' Threat Research Unit, ...
11 months ago Techtarget.com CVE-2024-6387 CVE-2006-5051 CVE-2008-4109 CVE-2006- 5051
Openssh Flaw Exposes Millions of Linux to Arbitrary Code Attacks - A critical vulnerability has been discovered in OpenSSH, a widely used implementation of the SSH protocol, which could potentially expose millions of Linux systems to arbitrary code execution attacks. The flaw, identified in the sshd(8) component of ...
11 months ago Cybersecuritynews.com
CVE-2021-36845 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities in YITH Maintenance Mode (WordPress plugin) versions < 1.3.8, there are 46 vulnerable parameters that were missed by the vendor while patching the 1.3.7 version to 1.3.8. ...
3 years ago
New OpenSSH flaws expose SSH servers to MiTM and DoS attacks - "The attack against the OpenSSH client (CVE-2025-26465) succeeds regardless of whether the VerifyHostKeyDNS option is set to "yes" or "ask" (its default is "no"), requires no user interaction, and does not depend on the existence of an SSHFP resource ...
4 months ago Bleepingcomputer.com CVE-2025-26465 CVE-2025-26466
Threat Brief: CVE-2024-6387 OpenSSH RegreSSHion Vulnerability - On July 1, 2024, a critical signal handler race condition vulnerability was disclosed in OpenSSH servers on glibc-based Linux systems. Using Palo Alto Networks Xpanse data, we observed 23 million instances of OpenSSH servers including all versions. ...
11 months ago Unit42.paloaltonetworks.com CVE-2024-6387 CVE-2006-5051 CVE-2008-4109
Debian and Ubuntu Fixed OpenSSH Vulnerabilities - Debian and Ubuntu have released security updates for their respective OS versions, addressing five flaws discovered in the openssh package. In this article, we will delve into the intricacies of these vulnerabilities, shedding light on their nature ...
1 year ago Securityboulevard.com CVE-2021-41617
OpenSSH 10.0 Released With Protocol Changes & Security Upgrades - The release notes explain this change by stating that finite field Diffie-Hellman “is slow and computationally expensive for the same security level as Elliptic Curve DH or PQ key agreement while offering no redeeming advantages”. With ...
2 months ago Cybersecuritynews.com
Critical OpenSSH Flaw Enables Full System Compromise - Over 14 million OpenSSH instances exposed to the internet are now at risk following the discovery of a critical vulnerability in OpenSSH's server, according to a new analysis by Qualys. The remote unauthenticated code execution vulnerability could ...
11 months ago Infosecurity-magazine.com CVE-2006-5051 CVE-2008-4109
Google Chrome now auto-upgrades to secure connections for all users - Google has taken a significant step towards enhancing Chrome internet security by automatically upgrading insecure HTTP requests to HTTPS requests for 100% of users. A limited rollout of this feature in Google Chrome began in July, but as of October ...
1 year ago Bleepingcomputer.com
How To Implementing MITRE ATT&CK In SOC Workflows - A Step-by-Step Guide - By understanding the framework, mapping your current capabilities, developing targeted detection and response strategies, and integrating ATT&CK into your tools and processes, you can build a proactive, threat-informed defense that evolves ...
2 months ago Cybersecuritynews.com
Millions of OpenSSH Servers Potentially Vulnerable to Remote regreSSHion Attack - Millions of OpenSSH servers could be affected by a newly disclosed vulnerability that can be exploited for unauthenticated remote code execution. The flaw, tracked as CVE-2024-6387 and named regreSSHion, was discovered by the threat research unit at ...
11 months ago Securityweek.com CVE-2024-6387 CVE-2006-5051
New regreSSHion OpenSSH RCE bug gives root on Linux servers - OpenSSH is a suite of networking utilities based on the Secure Shell protocol. It is extensively used for secure remote login, remote server management and administration, and file transfers via SCP and SFTP. The flaw, discovered by researchers at ...
11 months ago Bleepingcomputer.com CVE-2024-6387 CVE-2006-5051 CVE-2008-4109
A Fix is Available for a Security Flaw that Could Allow Unauthorized Access Before Authentication - The maintainers of OpenSSH have released a new version, 9.2, to fix a number of security issues, including a memory safety vulnerability in the OpenSSH server. This vulnerability, tracked as CVE-2023-25136, is a pre-authentication double free ...
2 years ago Thehackernews.com CVE-2023-25136
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com
CVE-2007-0228 - The DataCollector service in EIQ Networks Network Security Analyzer allows remote attackers to cause a denial of service (service crash) via a (1) &CONNECTSERVER& (2) &ADDENTRY& (3) &FIN& (4) &START& (5) ...
7 years ago
CVE-2023-48795 - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client ...
6 months ago
OpenSSH Vulnerabilities Expose Clients and Servers to MitM & DoS Attacks - Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. With OpenSSH integral to enterprise infrastructure, these vulnerabilities pose significant risks to data integrity, system ...
4 months ago Cybersecuritynews.com CVE-2025-26465 CVE-2025-26466
Embracing Security as Code - Everything is smooth until it isn't because we traditionally tend to handle the security stuff at the end of the development lifecycle, which adds cost and time to fix those discovered security issues and causes delays. Over the years, software ...
1 year ago Feeds.dzone.com
Cybersecurity jobs available right now: October 2, 2024 - Help Net Security - As an Applied Cybersecurity Engineer (Center for Securing the Homeland), you will apply interdisciplinary competencies in secure systems architecture and design, security operations, threat actor behavior, risk assessment, and network security to ...
8 months ago Helpnetsecurity.com
Top 30 Best Penetration Testing Tools - 2025 - The tool supports various protocols and offers advanced filtering and analysis capabilities, making it ideal for diagnosing network issues, investigating security incidents, and understanding complex network interactions during penetration testing. ...
2 months ago Cybersecuritynews.com
Microsoft Security Copilot improves speed and efficiency for security and IT teams - First announced in March 2023, Microsoft Security Copilot-Microsoft's first generative AI security product-has sparked major interest. With the rapid innovations of Security Copilot, we have taken this solution beyond security operations use cases ...
1 year ago Microsoft.com
Microsoft December 2023 Patch Tuesday fixes 34 flaws, 1 zero-day - Today is Microsoft's December 2023 Patch Tuesday, which includes security updates for a total of 34 flaws and one previously disclosed, unpatched vulnerability in AMD CPUs. While eight remote code execution bugs were fixed, Microsoft only rated three ...
1 year ago Bleepingcomputer.com CVE-2023-20588
regreSSHion: Remote Unauthenticated Code Execution Vulnerability in OpenSSH server - The Qualys Threat Research Unit has discovered a Remote Unauthenticated Code Execution vulnerability in OpenSSH's server in glibc-based Linux systems. CVE assigned to this vulnerability is CVE-2024-6387. The vulnerability, which is a signal handler ...
11 months ago Blog.qualys.com CVE-2024-6387 CVE-2006-5051

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)