GitHub

Easy verified commits in GitHub Actions with no GPG hassles

Unsigned commits look suspicious. GitHub shows "Verified" badges on signed commits, proving they're authentic. Signing commits with GPG within CI is tricky. Signing commits with SSH is much simpler.
The Hacker News

SSHStalker Botnet Uses IRC C2 to Control Linux Systems via Legacy Kernel Exploits

Cybersecurity researchers have disclosed details of a new botnet operation called SSHStalker that relies on the Internet Relay Chat (IRC) communication protocol for command-and-control (C2) purposes. ...