On March 29, 2024 local time, developer Andres Freund reported the existence of a malicious backdoor in XZ Utils. According to him, it was confirmed that malicious code was present in versions 5.6.0 ...
CISA and the open source community are responding to reports of malicious code being embedded in XZ Utils versions 5.6.0 and 5.6.1. This activity was assigned CVE-2024-3094. XZ Utils is data ...
In a reminder that open source products can carry significant risks beyond intellectual property, a vulnerability in a compression tool commonly used by developers has triggered widespread concerns.
XZ is a compression tool used in many Linux distributions, and this time the attack specifically targeted the OpenSSH server process 'sshd.' In distributions such as 'Ubuntu,' 'Debian,' and ...
The Cybersecurity and Infrastructure Security Agency issued an alert Friday warning of a previously unnoticed backdoor in a widely used Linux tool that compresses and encrypts files shared between ...
A newly discovered backdoor in XZ Utils, a data compression utility present in nearly all Linux distributions, has revived the ghosts of previous major software-supply chain security scares such as ...
An enormous cyber-attack that would have had a catastrophic impact on millions of computer systems across the planet was thwarted over the weekend by a lone researcher, who spotted a backdoor in the ...
The XZ-Utils backdoor, first discovered in March 2024, is still present in at least 35 Linux images on Docker Hub, potentially putting users, organizations, and their data at risk. Evolving threats ...
On Friday, a lone Microsoft developer rocked the world when he revealed a backdoor had been intentionally planted in XZ Utils, an open source data compression utility available on almost all ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results