Understanding XZ Backdoor

I'm an embedded sw engineer and I'm pretty new to malware analysis.
I was wondering if someone could point me some good resources to read and understand deeply the new XZ backdoor.


What are, instead, some advices that you can give me on analysing those kind of exploits and malwares? I was reading a book that went straight analysing malware having the executable, but other case are simply different, as everything happened on the internet through the XZ repository, for …

analysis backdoor book can cybersecurity embedded engineer exploits good kind malware malware analysis malwares point resources understand understanding xz backdoor