Enlarge / Malware Detected Warning Screen with abstract binary code 3d digital conceptGetty Images
On Friday, researchers revealed the discovery of a backdoor that was intentionally planted in xz Utils, an open-source data compression utility available on almost all installations of Linux and other Unix-like operating systems. The person or people behind this project likely spent years on it. They were likely very close to seeing the backdoor update merged into Debian and Red Hat, the two biggest distributions of Linux when an eagle-eyed software developer spotted something fishy.
“This might be the best executed supply chain attack we’ve seen described
→ Continue reading at Ars Technica