Bleeping Computer

Critical Erlang/OTP SSH RCE bug now has public exploits, patch now

Public exploits are now available for a critical Erlang/OTP SSH vulnerability tracked as CVE-2025-32433, allowing unauthenticated attackers to remotely execute code on impacted devices. Researchers at ...
CSOonline

Public exploits already available for a severity 10 Erlang SSH vulnerability; patch now

Impacted devices are pervasive in IoT and telecom, and attackers exploiting the vulnerability can easily gain full access, giving them free rein on a network. Experts are urging enterprises to ...

Payouts King ransomware uses QEMU VMs to bypass endpoint security

The Payouts King ransomware is using the QEMU emulator as a reverse SSH backdoor to run hidden virtual machines on ...
Hosted on MSN

A critical Erlang/OTP security flaw is "surprisingly easy" to exploit, experts warn - so patch now

Security researchers find a 10/10 flaw in Erlang/OTP SSH Horizon3 Attack Team says the flaw is "surprisingly easy" to exploit A patch is available, so users should update now Erlang/OTP SSH, a set of ...
CSOonline

Hackers exploit unpatched Erlang/OTP to crack OT firewalls

A max-severity RCE vulnerability in Erlang’s OTP SSH daemon, CVE-2025-32433, was actively exploited in OT networks across six countries, targeting firewalls in critical infrastructure sectors. A ...