Open-Source-Security
CVE-2024-3094 — XZ Utils Backdoor Supply-Chain Compromise
Expert technical analysis of CVE-2024-3094, the malicious backdoor discovered in XZ Utils release tarballs that affected liblzma and introduced a critical software supply-chain risk for Linux environments.
XZ Utils Backdoor Discovery Shakes Linux Supply Chain
Researchers uncover a sophisticated backdoor hidden inside XZ Utils release archives, exposing a major software supply chain compromise affecting Linux distributions.