The Gentlemen ransomware: Dissecting a self-propagating Go encryptor

In this article 1. Pre-encryption 2. File encryption 3. Post-encryption 4. Defending against The Gentlemen ransomware 5. Microsoft Defender detections and hunting guidance 6. Indicators of compromise Ransomware that combines robust encryption with rapid lateral movement significantly increases th...

PT-2026-36652

Name of the Vulnerable Software and Affected Versions Gitea affected versions not specified Description The built-in SSH server uses default configurations that advertise weak or broken key exchange, MAC, and host key algorithms. Specifically, the server supports the ecdh-sha2-nistp256,...

CVE-2026-3706

A vulnerability was determined in mkj Dropbear up to 2025.89. Impacted is the function unpackneg of the file src/curve25519.c of the component S Range Check. This manipulation causes improper verification of cryptographic signature. The attack can be initiated remotely. The attack is considered t...

EUVD-2026-10213

A vulnerability was determined in mkj Dropbear up to 2025.89. Impacted is the function unpackneg of the file src/curve25519.c of the component S Range Check. This manipulation causes improper verification of cryptographic signature. The attack can be initiated remotely. The attack is considered t...

CVE-2026-3706

A vulnerability was determined in mkj Dropbear up to 2025.89. Impacted is the function unpackneg of the file src/curve25519.c of the component S Range Check. This manipulation causes improper verification of cryptographic signature. The attack can be initiated remotely. The attack is considered t...

CVE-2026-3706

A vulnerability was determined in mkj Dropbear up to 2025.89. Impacted is the function unpackneg of the file src/curve25519.c of the component S Range Check. This manipulation causes improper verification of cryptographic signature. The attack can be initiated remotely. The attack is considered t...

CVE-2026-3706

A vulnerability was determined in mkj Dropbear up to 2025.89. Impacted is the function unpackneg of the file src/curve25519.c of the component S Range Check. This manipulation causes improper verification of cryptographic signature. The attack can be initiated remotely. The attack is considered t...

UBUNTU-CVE-2026-3706

A vulnerability was determined in mkj Dropbear up to 2025.89. Impacted is the function unpackneg of the file src/curve25519.c of the component S Range Check. This manipulation causes improper verification of cryptographic signature. The attack can be initiated remotely. The attack is considered t...

CVE-2026-3706 mkj Dropbear S Range Check curve25519.c unpackneg signature verification

A vulnerability was determined in mkj Dropbear up to 2025.89. Impacted is the function unpackneg of the file src/curve25519.c of the component S Range Check. This manipulation causes improper verification of cryptographic signature. The attack can be initiated remotely. The attack is considered t...

CVE-2026-3706 mkj Dropbear S Range Check curve25519.c unpackneg signature verification

A vulnerability was determined in mkj Dropbear up to 2025.89. Impacted is the function unpackneg of the file src/curve25519.c of the component S Range Check. This manipulation causes improper verification of cryptographic signature. The attack can be initiated remotely. The attack is considered t...

CVE-2026-3706

A vulnerability was determined in mkj Dropbear up to 2025.89. Impacted is the function unpackneg of the file src/curve25519.c of the component S Range Check. This manipulation causes improper verification of cryptographic signature. The attack can be initiated remotely. The attack is considered t...

CVE-2026-3706

The CVE-2026-3706 entry concerns mkj Dropbear up to version 2025.89. The vulnerability affects the function unpackneg in src/curve25519.c within the S Range Check component, leading to improper verification of cryptographic signatures. It is exploitable remotely with high attack complexity and is...

PT-2026-23915

A vulnerability was determined in mkj Dropbear up to 2025.89. Impacted is the function unpackneg of the file src/curve25519.c of the component S Range Check. This manipulation causes improper verification of cryptographic signature. The attack can be initiated remotely. The attack is considered t...

dropbear 数据伪造问题漏洞

Dropbear is an application developed by Matt Johnston personally. Versions of Dropbear prior to 2025.89 contained a data manipulation vulnerability. This vulnerability stemmed from incorrect operations on the unpackneg function in the file S Range Check/src/curve25519.c, which could lead to...

Linux Distros Unpatched Vulnerability : CVE-2026-3706

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was determined in mkj Dropbear up to 2025.89. Impacted is the function unpackneg of the file src/curve25519.c of the component S Range Check. Th...

CVE-2025-62514

Parsec is a cloud-based application for cryptographically secure file sharing. In versions on the 3.x branch prior to 3.6.0, libparseccrypto, a component of the Parsec application, does not check for weak order point of Curve25519 when compiled with its RustCrypto backend. In practice this means ...

CVE-2025-62514

Parsec is a cloud-based application for cryptographically secure file sharing. In versions on the 3.x branch prior to 3.6.0, libparseccrypto, a component of the Parsec application, does not check for weak order point of Curve25519 when compiled with its RustCrypto backend. In practice this means ...

CVE-2025-62514 `libparsec_crypto` does not check for weak order point of curve 25519

Parsec is a cloud-based application for cryptographically secure file sharing. In versions on the 3.x branch prior to 3.6.0, libparseccrypto, a component of the Parsec application, does not check for weak order point of Curve25519 when compiled with its RustCrypto backend. In practice this means ...

CVE-2025-62514

Parsec is a cloud-based application for cryptographically secure file sharing. In versions on the 3.x branch prior to 3.6.0, libparseccrypto, a component of the Parsec application, does not check for weak order point of Curve25519 when compiled with its RustCrypto backend. In practice this means ...

CVE-2025-62514

Parsec’s 3.x web component libparsec_crypto (RustCrypto backend) does not verify weak order points for Curve25519 in versions before 3.6.0. An attacker in a MITM could supply weak order points to both parties during Diffie-Hellman, increasing the chance that both ends derive the same shared key a...