all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

XZ Utils, a Popular Linux Tool, Contains a New Backdoor

Add to bookmarks
April 9, 2024, 9:45 a.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

There’s a new Linux backdoor with a 10.0 CVSS score, and it shows that sometimes an attack can come from unexpected sources, especially if your environment heavily relies on open-source software. The recently discovered supply chain exploit affects XZ Utils, a popular open-source tool, and is currently tracked as CVE-2024-3094. It has received the highest CVSS score: 10.0. 


What happened? 


An attacker introduced malicious code into XZ Utils release versions 5.6.0 and 5.6.1. To achieve this, the actor became …

attack backdoor can cve cve-2024 cve-2024-3094 cvss cvss score environment exploit linux open-source software popular score software supply supply chain tool xz utils

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

The real reason antivirus software detects cracks 19 hours ago | malware.news
malware analysis topic
Update: what-is-new.py Version 0.0.4 23 hours ago | malware.news
article didier didier stevens http +9
The CTI Analyst Challenge 1 day, 1 hour ago | malware.news
analysis analyst analysts capabilities +14
Critical RCE Vulnerability (CVE-2024-4577) in PHP on Windows: Patch Now Available 1 day, 12 hours ago | malware.news
code code execution continuous critical +15
2024-06-08: Three days of server scans and probes 1 day, 18 hours ago | malware.news
analysis article link malware +7
Update: simple_listener.py Version 0.1.5 1 day, 23 hours ago | malware.news
design ipv4 ipv6 malware analysis +5
PHP updates urged over critical vulnerability that could lead to RCE 2 days, 2 hours ago | malware.news
administrators article critical critical vulnerability +10
Microsoft rethinks Recall feature for Copilot after backlash over security 2 days, 2 hours ago | malware.news
article copilot default feature +8
Senator: HHS Needs to Require Security Measures for Health Sector 2 days, 3 hours ago | malware.news
attack care cybersecurity cybersecurity measures +26

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Senior Security Researcher - Linux MacOS EDR (Cortex)

@ Palo Alto Networks | Tel Aviv-Yafo, Israel
View on infosec-jobs.com

Sr. Manager, NetSec GTM Programs

@ Palo Alto Networks | Santa Clara, CA, United States
View on infosec-jobs.com

SOC Analyst I

@ Fortress Security Risk Management | Cleveland, OH, United States
View on infosec-jobs.com