March 30, 2024, 5:23 a.m. | (The Hacker News)

The Hacker News

RedHat on Friday released an "urgent security alert" warning that two versions of a popular data compression library called XZ Utils (previously LZMA Utils) have been backdoored with malicious code designed to allow unauthorized remote access.
The software supply chain compromise, tracked as CVE-2024-3094, has a CVSS score of 10.0, indicating maximum severity. It impacts XZ Utils

access alert backdoor called code compression compromise cve cve-2024 cvss cvss score data data compression found library linux linux distros major malicious popular redhat remote access score secret security security alert software software supply chain supply supply chain supply chain compromise unauthorized urgent warning

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

Information Security Engineers

@ D. E. Shaw Research | New York City

Security Engineer, Incident Response

@ Databricks | Remote - Netherlands

Associate Vulnerability Engineer - Mid-Atlantic region (Part-Time)

@ GuidePoint Security LLC | Remote in VA, MD, PA, NC, DE, NJ, or DC

Data Security Architect

@ Accenture Federal Services | Washington, DC

Identity Security Administrator

@ SailPoint | Pune, India