Details are starting to emerge about a stunning supply chain attack that sent the open source software community reeling.| WIRED
Learn about a targeted backdoor supply chain attack against the popular XZ compression utility seen in many Linux distributions such as Fedora and Debian.| www.sonatype.com
OpenSSF and Controlplane created, hosted and ran a tabletop exercise for incident responders in the format of a panellist discussion. Let's have a look behind the scenes and uncover tips and tricks on how a security team can carry out a similar exercise.| control-plane.io
The past few days have seen the security world focused on the revelation of the xz/liblzma backdoor. For more background, see this early writeup of the issue, this GitHub Gist, this detailed timeline, and the official detail page for CVE-2024-3094.| blog.rubygems.org
Easter Egg in xz, GSoC 2024, Opportunity Open Source 2024?, CPDB Snap, PAPPL scanning, Snap automation, SpliX 2.0.1| OpenPrinting