Today is a big day for OpenSSH patching: https://www.runzero.com/blog/openssh-servers/
Amazing work as always by the Qualys security research team, you can find the full advisory on "regreSSHion" at https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt
The OpenSSH release notes are a fantastic read as well, especially the bits about timing analysis: https://www.openssh.com/txt/release-9.8
Lastly, if anyone else planning to drop SSH zero-day before summer camp, please give me a heads up, it's tough keeping a list of all of the cool research that our talk won't cover 😆