2025's OpenSSH MitM key-confusion flaw hit exactly where silos trust each other. Host-key verification, certificate-based SSH and PKI hygiene across the boundary.
Draft outline · Security / cryptography lensIn February 2025 Qualys TRU disclosed CVE-2025-26465 (a machine-in-the-middle flaw where the client can accept an attacker's key, breaking connection integrity) and CVE-2025-26466 (a pre-auth denial of service), on top of 2024's regreSSHion RCE (CVE-2024-6387). SSH trust between silos is exactly where a key-confusion bug bites.
Original research disclosing the flaws and explaining the machine-in-the-middle mechanism.
Independent technical reporting on impact and remediation for a general reader.
A cryptography and security piece that grounds the cross-silo auth plumbing in a concrete 2025 vulnerability. It shows the practical, hands-on detail (host keys, SSH certs, PKI) that signals experienced practitioners rather than slideware.