all InfoSec news
A software supply chain meltdown: What we know about the XZ Trojan
April 1, 2024, 8:12 p.m. | paul.roberts@reversinglabs.com (Paul Roberts)
ReversingLabs Blog blog.reversinglabs.com
Security experts are sounding alarms about what some are calling the most sophisticated supply chain attack ever carried out on an open source project: a malicious backdoor planted in xz/liblzma (part of the xz-utils package), a popular open source compression tool.
alarms appsec & supply chain security attack backdoor calling compression experts malicious meltdown open source package popular project security security experts software software supply chain supply supply chain supply chain attack tool trojan
More from blog.reversinglabs.com / ReversingLabs Blog
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Security Architect - Identity and Access Management Architect (80-100% | Hybrid option)
@ Swiss Re | Madrid, M, ES
Alternant - Consultant HSE (F-H-X)
@ Bureau Veritas Group | MULHOUSE, Grand Est, FR
Senior Risk/Cyber Security Analyst
@ Baker Hughes | IN-KA-BANGALORE-NEON BUILDING WEST TOWER
Offensive Security Engineer (University Grad)
@ Meta | Bellevue, WA | Menlo Park, CA | Seattle, WA | Washington, DC | New York City
Senior IAM Security Engineer
@ Norfolk Southern | Atlanta, GA, US, 30308