Bleeping Computer

PuTTY SSH client flaw allows recovery of cryptographic private keys

A vulnerability tracked as CVE-2024-31497 in PuTTY 0.68 through 0.80 could potentially allow attackers with access to 60 cryptographic signatures to recover the private key used for their generation.
Ars Technica

Any point to using SSH keys rather than passwords in my situation?

I know this has led to flame wars in the past, but I was playing around with using SSH keys to authenticate to my home server this morning, and came to the conclusion that it is better to use ...
Ars Technica

In a first, cryptographic keys protecting SSH connections stolen in new attack

For the first time, researchers have demonstrated that a large portion of cryptographic keys used to protect data in computer-to-server SSH traffic are vulnerable to complete compromise when naturally ...
Bleeping Computer

New SSH-Snake malware steals SSH keys to spread across the network

A threat actor is using an open-source network mapping tool named SSH-Snake to look for private keys undetected and move laterally on the victim infrastructure. SSH-Snake was discovered by the Sysdig ...