April 12, 2024 at 11:39AM XZ Utils backdoor test files were found in liblzma-sys, impacting version 0.3.2, but have since been removed in version 0.3.3. The backdoor allowed remote code execution through SSH and was attributed to a social engineering campaign targeting open-source projects. Multiple organizations have warned of the sophisticated methods used and emphasized … Read more
April 3, 2024 at 07:12AM An XZ Utils backdoor, reminiscent of a 2020 F-Droid attempt, highlighted the trend of targeting open source software. Jia Tan, posing as a legitimate developer, embedded a backdoor for remote code execution via Linux systems. Collin’s investigation promises more details, as experts predict further supply chain attacks in open source … Read more
April 2, 2024 at 10:38AM Binarly, a firmware security firm, has released a free online scanner to detect Linux executables affected by the XZ Utils supply chain attack, identified as CVE-2024-3094. The attack was discovered by a Microsoft engineer and the scanner aims to address this issue. It employs static analysis of binaries to identify … Read more
April 1, 2024 at 10:06AM Multiple major Linux distributions have been hit by a supply chain attack through XZ Utils data compression library, resulting in a backdoor for unauthenticated access. The attack affects various Linux distributions, with tools available to detect the malicious library. Reverting to an untainted version of XZ Utils eliminates the threat, … Read more
March 30, 2024 at 01:51AM RedHat issued an urgent security alert about backdoored versions of the XZ Utils data compression library, impacting versions 5.6.0 and 5.6.1. The compromised code interferes with the sshd daemon process and could allow unauthorized remote access under specific circumstances. Microsoft researcher Andres Freund discovered the issue, prompting GitHub to disable … Read more
March 29, 2024 at 01:55PM Red Hat issues urgent warning regarding backdoor discovered in the latest XZ Utils data compression tools and libraries in Fedora development versions. The malicious code, assigned a 10/10 critical severity score, compromises sshd authentication, potentially allowing unauthorized remote system access. Users are advised to revert to uncompromised version and monitor … Read more