On Friday, a lone Microsoft developer rocked the world when he revealed a backdoor had been intentionally planted in xz Utils, an open source data compression utility available on almost all ...

In a reminder that open source products can carry significant risks beyond intellectual property, a vulnerability in a compression tool commonly used by developers has triggered widespread concerns.

If you’re managing or using Linux systems, it’s crucial to understand the recent security threat that has emerged. The XZ Utils, an essential tool for lossless data compression on Linux, was ...

XZ Utils Supply Chain Attack: A Threat Actor Spent Two Years to Implement a Linux Backdoor Your email has been sent Read about a supply chain attack that involves XZ Utils, a data compressor widely ...

Recently, it has become all too common for malicious hackers to insert bad code into software. Some open-source code repositories, such as the popular JavaScript package manager, Node Package Manager ...

The XZ Utils backdoor (CVE-2024-3094) may not have been an isolated incident, according to a joint statement by the Open Source Security Foundation and the OpenJS Foundation. If you're unaware of the ...

An off-the-clock Microsoft worker prevented malicious code from spreading into widely-used versions of Linux via a compression format called XZ Utils. An off-the-clock Microsoft worker prevented ...

Researchers have found a malicious backdoor in a compression tool that made its way into widely used Linux distributions, including those from Red Hat and Debian. Because the backdoor was discovered ...

A data compression program in the Unix and Linux world. Developed by Lasse Collin and Igor Pavlov, XZ Utils was released in 2009 as "LZMA Utils." Because XZ can only compress a single file, it is ...

There is a gaping security hole in the widespread XZ utils that could potentially be misused to inject malicious code. A security vulnerability has been discovered in the XZ compression library. This ...