Bleeping Computer

Critical Erlang/OTP SSH RCE bug now has public exploits, patch now

Public exploits are now available for a critical Erlang/OTP SSH vulnerability tracked as CVE-2025-32433, allowing unauthenticated attackers to remotely execute code on impacted devices. Researchers at ...
The Hacker News

Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft

Sleeper packages in Ruby and Go steal credentials and alter CI workflows, leading to persistent access and data exfiltration.
CSOonline

Public exploits already available for a severity 10 Erlang SSH vulnerability; patch now

Impacted devices are pervasive in IoT and telecom, and attackers exploiting the vulnerability can easily gain full access, giving them free rein on a network. Experts are urging enterprises to ...
Hosted on MSN

A critical Erlang/OTP security flaw is "surprisingly easy" to exploit, experts warn - so patch now

Security researchers find a 10/10 flaw in Erlang/OTP SSH Horizon3 Attack Team says the flaw is "surprisingly easy" to exploit A patch is available, so users should update now Erlang/OTP SSH, a set of ...