CyberWeekly 22' Feb | Issue #22
Microsoft Majorana 1, Quantum computing, Signal phishing, Russian cyber threats, OpenSSH vulns, MitM attack, DoS attack, Cybersecurity updates, Encrypted messaging, Quantum crypto
TL;DR
Microsoft has unveiled Majorana 1, a breakthrough quantum processor leveraging topoconductors to create scalable, error-resistant qubits, pushing quantum computing closer to real-world applications. Meanwhile, Russian hackers are exploiting Signal’s "Linked Devices" feature through phishing attacks, prompting Signal to introduce new security measures. Lastly, OpenSSH has patched two critical vulnerabilities that could enable Man-in-the-Middle (MitM) and Denial-of-Service (DoS) attacks, urging users to update immediately.
Microsoft’s Quantum Leap - Majorana 1 Chip Breakthrough
Microsoft has just made a bold move in the quantum computing race with the unveiling of its Majorana 1 chip, a potential game-changer that could bring quantum computing out of the lab and into real-world applications. The key to this breakthrough? Topoconductors—a new class of materials that form the foundation for Microsoft’s topological qubits, which aim to be more stable and scalable than existing quantum bits.
At the heart of the challenge with quantum computing lies error correction. Qubits, unlike classical bits, are highly sensitive to environmental noise, leading to computational errors. Microsoft’s new design, leveraging tetrons as logical qubits for error correction, claims to drastically reduce these errors—bringing the error rate down to a manageable 1%. If successful, this would make quantum computing truly viable for real-world applications, from cryptography to AI and complex simulations.
Perhaps most impressive is the scale Microsoft is aiming for: a million-qubit quantum processor—all within a chip roughly the size of a standard CPU. That’s a staggering leap from today’s state-of-the-art quantum machines, which operate with only a few hundred qubits. If realized, this could put Microsoft ahead in the race toward practical, large-scale quantum computing.
The implications? Enormous. The U.S. government’s "Quantum Crypto Deadline" of 2035 suddenly seems much more realistic. Organizations must start preparing for a post-quantum world, ensuring cryptographic agility and adopting flexible security measures that can adapt to quantum-resistant algorithms.
While Majorana 1 is still in development and requires absolute zero temperatures to function, the roadmap for scalable quantum computing has never looked clearer. Keep your eyes on this space—because when this tech matures, the computing world as we know it will change forever.
Signal’s Linked Devices Feature Hijacked by Russian Hackers
Encrypted messaging apps like Signal are often hailed as the last bastion of privacy—but even the best security measures can be undermined by social engineering. Google’s Threat Intelligence Group (GTIG) has flagged a Russian state-backed phishing campaign exploiting Signal’s "Linked Devices" feature, allowing attackers to silently eavesdrop on messages in real-time.
Here’s how it works: Victims are tricked into scanning a malicious QR code or clicking a phishing link, believing it to be a legitimate security alert or group invite. Instead, they unknowingly grant attackers access to their Signal account, syncing their conversations across devices controlled by the threat actor. This means every message sent and received is intercepted without the user realizing it.
In response, Signal has rolled out new security measures, requiring additional authentication when linking devices and implementing real-time warnings for suspicious connections. But the attack underscores a deeper issue: user interface vulnerabilities can be just as dangerous as traditional software exploits. Many users struggle to distinguish between benign QR codes and phishing traps, making them easy targets for sophisticated cyberattacks.
Security experts warn that these tactics aren’t limited to Signal—other messaging platforms like WhatsApp and Telegram are also in the crosshairs. The best defenses? Use complex passwords, enable Lockdown Mode on iPhones, check your "linked devices" list regularly, and never scan QR codes from untrusted sources. As threats against encrypted communication intensify, vigilance is key.
OpenSSH Patches Flaws That Could Expose Millions to MitM and DoS Attacks
If your systems rely on OpenSSH, it’s time to patch—now. Researchers at Qualys Threat Research Unit (TRU) have uncovered two critical vulnerabilities that could put millions of SSH servers at risk, including those used by tech giants like Facebook, Netflix, and Morgan Stanley.
The first flaw, CVE-2025-26465, allows attackers to launch Man-in-the-Middle (MitM) attacks by exploiting OpenSSH’s VerifyHostKeysDNS option. Ironically, this setting—designed to verify a server’s authenticity—has been found to actually compromise security, leaving connections vulnerable to interception. What’s worse? This flaw has been present in OpenSSH since 2014 and was enabled by default in FreeBSD until 2023.
The second flaw, CVE-2025-26466, enables pre-authentication Denial-of-Service (DoS) attacks, which could allow malicious actors to crash OpenSSH servers before authentication even takes place.
Both issues have been patched in OpenSSH 9.9p2, and if your organization uses OpenSSH, updating immediately is non-negotiable. Beyond patching, tighten access controls—exposing SSH services unnecessarily can lead to massive security headaches. And if you’re still relying on DNS-based host key verification, it’s time to rethink your security strategy.
The bigger picture? OpenSSH underpins secure remote access for millions of systems worldwide. These flaws, while now patched, serve as a stark reminder that even foundational security tools can harbor vulnerabilities for years before they’re discovered. Regular updates and proactive security measures aren’t optional—they’re essential.
Liked this post or want to chat about cybersecurity? Have suggestions? Reach out to the
Sponsored
https://guidedhacking.com/forums/the-game-hacking-bible-learn-how-to-hack-games.469/
The Game Hacking Bible is an intricate and multifaceted guide to the art of game hacking. It contains quite literally, all the skills and knowledge required to hack modern PC video games. Its contents cover a vast array of techniques and strategies used by skilled hackers to manipulate and modify game code in order to achieve their desired outcomes. Bursting with detailed examples and step-by-step instructions, this manual is a treasure trove of knowledge for software developers looking to up their game. Whether you're a seasoned hacker or just starting out, the Game Hacking Bible is an essential resource for anyone looking to hone their skills in this exciting and naturally dynamic field. So why not dive in and discover the world of game hacking for yourself? With this guide as your companion, the possibilities are endless.
Without the community partners, hacklido wouldn't be where it is now, So we would like to thank them.
If you wish to Sponsor / Partner with hacklido and get benefitted? Reach out to us via maalolan@hacklido.com / discord / telegram group / Author’s LinkedIn to discuss with us!