Cybersecurity News: OpenSSH flaws enable new attacks, Microsoft prepares for deprecation, Zwipe files for bankruptcy

New OpenSSH Flaws Enable Man-in-the-Middle and DoS Attacks — Patch Now

Two security vulnerabilities have been discovered in OpenSSH that could enable man-in-the-middle (MitM) attacks and denial-of-service (DoS) attacks. The MitM vulnerability affects versions 6.8p1 to 9.9p1 when the VerifyHostKeyDNS option is enabled, letting attackers impersonate legitimate servers. The DoS vulnerability affects versions 9.5p1 to 9.9p1, leading to resource exhaustion. Both issues are fixed in OpenSSH 9.9p2, which was released Tuesday.

(The Hacker News)
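
As an added example (not from the source article or the OpenSSH project), the version ranges above can be turned into a quick triage over an inventory of `ssh -V` style version strings. The host names and inventory are constructed, and treating a `VerifyHostKeyDNS` value of `ask` as "enabled" alongside `yes` is an assumption of this sketch.

```python
import re

# Affected ranges exactly as stated in the summary above (inclusive bounds).
MITM_RANGE = ((6, 8, 1), (9, 9, 1))  # only relevant when VerifyHostKeyDNS is enabled
DOS_RANGE = ((9, 5, 1), (9, 9, 1))

_VERSION = re.compile(r"OpenSSH_(\d+)\.(\d+)(?:p(\d+))?")


def parse_version(banner):
    """Return (major, minor, portable_level) from a version string, or None."""
    m = _VERSION.search(banner)
    if not m:
        return None
    return (int(m.group(1)), int(m.group(2)), int(m.group(3) or 0))


def triage(banner, verify_host_key_dns="no"):
    """Return the set of issues from the summary that this version/config matches."""
    version = parse_version(banner)
    if version is None:
        return {"unparsed"}
    findings = set()
    # Assumption: both "yes" and "ask" count as the option being enabled.
    dns_enabled = verify_host_key_dns.strip().lower() in ("yes", "ask")
    if dns_enabled and MITM_RANGE[0] <= version <= MITM_RANGE[1]:
        findings.add("mitm")
    if DOS_RANGE[0] <= version <= DOS_RANGE[1]:
        findings.add("dos")
    return findings


# Constructed inventory: (host, version string, VerifyHostKeyDNS value).
INVENTORY = [
    ("build-01", "OpenSSH_9.9p1, OpenSSL 3.3.2", "yes"),
    ("web-02", "OpenSSH_8.9p1 Ubuntu-3ubuntu0.10, OpenSSL 3.0.2", "ask"),
    ("db-03", "OpenSSH_9.6p1, OpenSSL 3.0.13", "no"),
    ("jump-04", "OpenSSH_9.9p2, OpenSSL 3.4.0", "yes"),
    ("legacy-05", "OpenSSH_6.7p1 Debian-5", "yes"),
]


def report(inventory=INVENTORY):
    """Map each host to a sorted list of matching issues (empty list = no match)."""
    return {host: sorted(triage(banner, dns)) for host, banner, dns in inventory}


if __name__ == "__main__":
    for host, findings in report().items():
        print(host, findings or "no match")
```

Distribution packages often backport fixes without changing the upstream version string, so a match here is a prompt to check the vendor advisory rather than proof of exposure. The effective `VerifyHostKeyDNS` value for a given destination can be read from the output of `ssh -G <host>`.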

Microsoft reminds admins to prepare for WSUS driver sync deprecation

Microsoft will deprecate driver synchronization in Windows Server Update Services (WSUS) on April 18, and is reminding enterprises to switch to cloud-based solutions like Windows Autopatch, Azure Update Manager, and Microsoft Intune. After this date, drivers will still be available on the Microsoft Update catalog but can’t be imported into WSUS. Although WSUS was deprecated in 2024, Microsoft is maintaining existing functionality and will continue publishing updates through the channel.

(Bleeping Computer)

Zwipe runs out of time for biometric card revenues, files for bankruptcy

Norwegian company Zwipe was ordered to pay Idex Biometrics $702,000 plus additional costs over a warranty dispute but struggled to secure financing to avoid insolvency. Zwipe ordered 300,000 fingerprint biometric sensors from Idex in 2020 following an exclusive partnership arrangement. Zwipe has now filed for bankruptcy, and a bankruptcy trustee in Oslo will oversee the process. Founded back in 2009, Zwipe wanted to commercialize biometric payment cards but faced financial challenges. 

(Biometric Update)

How Phished Data Turns into Apple & Google Wallets

Krebs on Security reports that Chinese cybercrime groups are reviving the “carding” industry (the underground business of stealing, selling and swiping stolen payment card data) by using advanced phishing kits to steal payment card data and convert it into mobile wallets, which are then loaded onto devices for fraudulent use. These phishing campaigns exploit both Apple iMessage and Google’s RCS to bypass traditional SMS security and link stolen card details to mobile wallets by tricking victims into providing one-time verification codes. The stolen wallets are then sold in bulk or used for fraudulent transactions, contributing to an estimated $15 billion in annual losses.

(Krebs on Security)

Ecuador’s legislature says hackers attempted to access confidential information

Ecuador’s National Assembly experienced two cyberattacks on Monday, just a week after its general election. In a statement, the assembly said it was able to quickly “identify and counteract the situation” but didn’t provide any more information. This incident follows a series of cyberattacks on prominent organizations in Ecuador, including Radio Pichincha, the national civil registry, and the national election agency. In recent years, cyberattacks have also targeted Banco Pichincha, highlighting ongoing cybersecurity challenges in the country.

(The Record)

Juniper patches critical auth bypass in Session Smart routers

Juniper Networks patched a critical vulnerability that allows attackers to bypass authentication and take over Session Smart Router (SSR) devices, including Session Smart Conductor and WAN Assurance Managed Routers. Although no attacks have been detected yet, administrators are being urged to upgrade to the fixed versions. Juniper devices are frequent targets due to their use in critical environments, with previous vulnerabilities being exploited soon after patches were released.

(Bleeping Computer)

Windows 11 update breaks File Explorer – among other glitches

Microsoft’s February Patch Tuesday update for Windows 11 fixed several bugs and security vulnerabilities but introduced new issues, including File Explorer malfunctions, installation failures, and various system glitches. Users reported problems with opening folders, context menus not appearing, and installation errors, even on systems without third-party customizations. Windows 11 24H2 has been notably problematic, raising concerns as the October 2025 Windows 10 support cutoff approaches.

(ZDNET)

US newspaper publisher uses linguistic gymnastics to avoid saying its outage was due to ransomware

US newspaper publisher Lee Enterprises experienced a cyberattack that encrypted critical applications and exfiltrated files, telling the Securities and Exchange Commission (SEC) that “threat actors unlawfully accessed the company’s network, encrypted critical applications, and exfiltrated certain files.” The attack disrupted product distribution, billing, and other operations, with full recovery expected to take weeks. There isn’t evidence of compromised sensitive data yet, but the breach is likely to impact the company’s financials, and cybersecurity insurance is expected to help cover costs.

(The Register)