all InfoSec news
XZ Utils, a Popular Linux Tool, Contains a New Backdoor
Malware Analysis, News and Indicators - Latest topics malware.news
There’s a new Linux backdoor with a 10.0 CVSS score, and it shows that sometimes an attack can come from unexpected sources, especially if your environment heavily relies on open-source software. The recently discovered supply chain exploit affects XZ Utils, a popular open-source tool, and is currently tracked as CVE-2024-3094. It has received the highest CVSS score: 10.0.
What happened?
An attacker introduced malicious code into XZ Utils release versions 5.6.0 and 5.6.1. To achieve this, the actor became …
attack backdoor can cve cve-2024 cve-2024-3094 cvss cvss score environment exploit linux open-source software popular score software supply supply chain tool xz utils