The article (as I understand it) discusses that by default, your SSH private key passphrase is essentially just a glorified MD5 hash, which is relatively easy to brute-force due to the speed at ...

A vulnerability in OpenSSH clients could expose users' private SSH keys to rogue or compromised servers.

A vulnerability tracked as CVE-2024-31497 in PuTTY 0.68 through 0.80 could potentially allow attackers with access to 60 cryptographic signatures to recover the private key used for their generation.

GitHub's RSA SSH private key was accidentally leaked to the public, as confirmed by the code hosting platform's CEO, Mike Hanley.

Thousands of routers, modems, IP cameras, VoIP phones and other embedded devices share the same hard-coded SSH host keys or HTTPS server certificates.

In them they found over 580 unique private keys for SSH and HTTPS, many of them shared between multiple devices from the same vendor or even from different ones.