CISA and the open source community are responding to reports of malicious code being embedded in XZ Utils versions 5.6.0 and 5.6.1. This activity was assigned CVE-2024-3094. XZ Utils is data ...
Users of the open source XZ Utils data compression library may have narrowly avoided falling victim to a major supply chain attack, after evidence of an apparently intentionally placed backdoor in the ...
On March 29, 2024 local time, developer Andres Freund reported the existence of a malicious backdoor in XZ Utils. According to him, it was confirmed that malicious code was present in versions 5.6.0 ...
A newly discovered backdoor in XZ Utils, a data compression utility present in nearly all Linux distributions, has revived the ghosts of previous major software-supply chain security scares such as ...
The XZ-Utils backdoor, first discovered in March 2024, is still present in at least 35 Linux images on Docker Hub, potentially putting users, organizations, and their data at risk. Evolving threats ...
XZ is a compression tool used in many Linux distributions, and this time the attack specifically targeted the OpenSSH server process 'sshd.' In distributions such as 'Ubuntu,' 'Debian,' and ...
After a Microsoft software engineer noticed a backdoor in XZ Utils, an open-source set of data-compression tools widely used across Linux, the world was only a couple of weeks away from a major supply ...
On Friday, a lone Microsoft developer rocked the world when he revealed a backdoor had been intentionally planted in XZ Utils, an open source data compression utility available on almost all ...
In a reminder that open source products can carry significant risks beyond intellectual property, a vulnerability in a compression tool commonly used by developers has triggered widespread concerns.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results