CVE-2024-3094 The targeted backdoor supply chain attack against XZ and liblzma

As sure as long weekends arrive in the western world, so too does news of new supply chain attacks. The easter bank holidays were no exception, with the discovery of a targeted attack against the popular XZ compression utility seen in many linux distributions such as fedora, debian to name a few.

attack attacks backdoor bank compression cve cve-2024 cve-2024-3094 debian discovery distributions easter everything open source featured fedora holidays linux linux distributions malicious injection news and views popular software supply chain supply supply chain supply chain attack supply chain attacks targeted attack utility western world