Read about a supply chain attack that involves XZ Utils, a data compressor widely used in Linux systems, and learn how to protect from this threat. A threat actor quietly spent the last two years ...

A Microsoft developer has found a backdoor in a software package of a compression library widely used in Linux systems that could have resulted in a massive software supply chain attack. The author of ...

Red Hat is warning that a vulnerability in XZ Utils, the XZ format compression utility included in Unix-like operating systems such as Linux, is a backdoor. Users should either downgrade the utility ...

On March 29, 2024 local time, developer Andres Freund reported the existence of a malicious backdoor in XZ Utils. According to him, it was confirmed that malicious code was present in versions 5.6.0 ...

Over the past few days, the security world has been abuzz with the discovery of a backdoor snuck into a compression utility called xz-utils. While this backdoor was effectively a near miss, getting ...

CISA and the open source community are responding to reports of malicious code being embedded in XZ Utils versions 5.6.0 and 5.6.1. This activity was assigned CVE-2024-3094. XZ Utils is data ...

On Friday, a lone Microsoft developer rocked the world when he revealed a backdoor had been intentionally planted in xz Utils, an open source data compression utility available on almost all ...

Researchers have found a malicious backdoor in a compression tool that made its way into widely used Linux distributions, including those from Red Hat and Debian. Because the backdoor was discovered ...

Caught before it could do widespread damage, the sophisticated vulnerability could have been one of the highest-impact software supply chain breaches to date. A data compression library called XZ ...