Techly NewsGet the app

Get the latest tech news

The XZ Backdoor: Everything You Need to Know


Details are starting to emerge about a stunning supply chain attack that sent the open source software community reeling.

They were likely very close to seeing the backdoor update merged into Debian and Red Hat, the two biggest distributions of Linux, when an eagle-eyed software developer spotted something fishy. “This might be the best-executed supply chain attack we've seen described in the open, and it’s a nightmare scenario: malicious, competent, authorized upstream in a widely used library,” software and cryptography engineer Filippo Valsorda said of the effort, which came frightfully close to succeeding. Andres Freund, a developer and engineer working on Microsoft’s PostgreSQL offerings, was recently troubleshooting performance problems a Debian system was experiencing with SSH, the most widely used protocol for remotely logging in to devices over the Internet.

Get the Android app

Or read this on Wired

Read more on:

Photo of xz backdoor

xz backdoor

« DrugGPT: new AI tool could help doctors prescribe medicine in England | Drugs
Immortals of Aveum set to receive HDR and FSR 3 console frame generation »