The infamous XZ Utils backdoor discovered last year may have a bit of life in it yet. Binarly on Aug. 12 published research concerning the XY Utils backdoor, a notorious incident in which a developer ...
A Microsoft developer has found a backdoor in a software package of a compression library widely used in Linux systems that could have resulted in a massive software supply chain attack. The author of ...
A newly discovered backdoor in XZ Utils, a data compression utility present in nearly all Linux distributions, has revived the ghosts of previous major software-supply chain security scares such as ...
The XZ-Utils backdoor, first discovered in March 2024, is still present in at least 35 Linux images on Docker Hub, potentially putting users, organizations, and their data at risk. Docker Hub is the ...
On Friday, a lone Microsoft developer rocked the world when he revealed a backdoor had been intentionally planted in XZ Utils, an open source data compression utility available on almost all ...
Over the past few days, the security world has been abuzz with the discovery of a backdoor snuck into a compression utility called xz-utils. While this backdoor was effectively a near miss, getting ...
Firmware security firm Binarly has released a free online scanner to detect Linux executables impacted by the XZ Utils supply chain attack, tracked as CVE-2024-3094. CVE-2024-3094 is a supply chain ...
It’s a lot more complicated than that. The FOSS ideal is “You are what you code,” not “Your reputation precedes you.” As such, it shouldn’t matter one whit if you are a seventeen-year cicada larva ...
Users of the open source XZ Utils data compression library may have narrowly avoided falling victim to a major supply chain attack, after evidence of an apparently intentionally placed backdoor in the ...
This is a full-on hostile attack against our infrastructure. Finding exactly who did this and how they were organized feels like something Homeland Security should be aggressively pursuing. I would be ...