Attacker Social-Engineered Backdoor Code Into XZ Utils
April 24, 2024 at 05:27PM Attacks like those experienced by SolarWinds and CodeCov show that adversaries can employ social engineering to execute supply chain attacks, as demonstrated by the backdoor introduction in the XZ Utils open source utility. This incident, along with warnings from the Open Source Security Foundation, highlights the need for vigilance in … Read more