The malicious code is known to be in 5.6.0 and 5.6.1 releases of the XZ Utils software package. The exploit remains dormant unless a specific third-party patch of the SSH server is used. …

2024年4月1日 · On Friday, a lone Microsoft developer rocked the world when he revealed a backdoor had been intentionally planted in xz Utils, an open source data compression utility …

2025年3月19日 · On March 29th, 2024, a backdoor was discovered in xz-utils, a suite of software that gives developers lossless compression. This package is commonly used for compressing …

2024年4月3日 · Over the weekend, the cybersecurity and open source software community was shocked by the news that a relatively new, experimental version of XZ Utils —a compression …

2024年3月29日 · Researchers have found a malicious backdoor in a compression tool that made its way into widely used Linux distributions, including those from Red Hat and Debian. The …

2024年4月3日 · The malicious code in XZ Utils was introduced by a user calling themself Jia Tan, employing the handle JiaT75, according to Ars Technica and Wired.

Let's dive right into the heart of the matter - the new vulnerability in XZ. Key to your digital security, you need to know precisely how this vulnerability impacts you and how you can …

2024年4月1日 · Major Linux distributions have been impacted by a supply chain attack involving backdoored versions of the XZ Utils data compression library. Microsoft software engineer …

2024年4月7日 · On March 28, 2024 a backdoor was identified in XZ Utils. This vulnerability, CVE-2024-3094 with a CVSS score of 10 is a result of a software supply chain compromise …

2024年4月2日 · The malicious code inserted into the open-source library XZ Utils, a widely used package present in major Linux distributions, is also capable of facilitating remote code …