Fadhili Njagiblog.nixque.com·Apr 7, 2024The XZ backdoor - the unfolding of an accidentally caught severe supply chain attackThe accidental discovery of an insidious and well-planned supply chain attack on the XZ library sent massive shock waves throughout the open-source community. This attack effectively introduced a backdoor in the SSH service, rendering several Linux d...2 likes·56 readsSecurity
breach.devbreach.dev·Apr 6, 2024On CVE-2024-3094 (XZ Utils) and why the sky is not fallingBy now, you've heard about CVE-2024-3094 enabling a backdoor in some versions of OpenSSH enabled through infecting XZ Utils versions 5.6.0 and 5.6.1. No. The sky is not falling. Contrary to the broad majority of articles circulating on this particula...122 readsxz utils
