JD Supra

XZ Utils Supply Chain Attack Sheds Light on Vulnerabilities in Widely Adopted Open Source System

In a reminder that open source products can carry significant risks beyond intellectual property, a vulnerability in a compression tool commonly used by developers has triggered widespread concerns.
NPR

The hack that almost broke the internet

Last month, the world narrowly avoided a cyberattack of stunning ambition. The targets were some of the most important computers on the planet. Computers that power the internet. Computers used by ...
ZDNet

XZ Utils might not have been the only sabotage target, open-source foundations warn

The XZ Utils backdoor (CVE-2024-3094) may not have been an isolated incident, according to a joint statement by the Open Source Security Foundation and the OpenJS Foundation. If you're unaware of the ...
Infosecurity-magazine.com

Open Source Leaders Warn of XZ Utils-Like Takeover Attempts

The Open Source Security (OpenSSF) and OpenJS Foundations have called on open source maintainers to look out for takeover attempts, after spotting multiple social engineering attacks reminiscent of ...