Tag feed

#xz-utils

2 posts0 followers

The XZ backdoor - the unfolding of an accidentally caught severe supply chain attack

Apr 7, 2024 · 16 min read · The accidental discovery of an insidious and well-planned supply chain attack on the XZ library sent massive shock waves throughout the open-source community. This attack effectively introduced a backdoor in the SSH service, rendering several Linux d...

EEason commented

Bbreach.devbreach.dev

0

On CVE-2024-3094 (XZ Utils) and why the sky is not falling

Apr 6, 2024 · 3 min read · By now, you've heard about CVE-2024-3094 enabling a backdoor in some versions of OpenSSH enabled through infecting XZ Utils versions 5.6.0 and 5.6.1. No. The sky is not falling. Contrary to the broad majority of articles circulating on this particula...

Join discussion

#xz-utils

Search Hashnode

#xz-utils

The XZ backdoor - the unfolding of an accidentally caught severe supply chain attack

On CVE-2024-3094 (XZ Utils) and why the sky is not falling