Frequently asked questions about CVE-2024-3094, a supply-chain attack responsible for a backdoor in XZ Utils, a widely used library found in multiple Linux distributions.| Tenable®
Please note: This is being updated in real-time. The intent is to make sense of lots of simultaneous discoveries| boehs.org
Malicious code planted in xz Utils has been circulating for more than a month.| Ars Technica
The thwarted XZ Utils supply chain attack was years in the making. Now, clues suggest nation-state hackers were behind the persona that inserted the malicious code.| WIRED
xz-utils backdoor situation (CVE-2024-3094). GitHub Gist: instantly share code, notes, and snippets.| Gist