How Xz Became The New Heartbleed

tedium.co

Xz Utils gets nailed by a supply-chain attack almost exactly a decade after Heartbleed highlighted similar structural weaknesses in the FOSS ecosystem.

1 page links to this URL

xz/liblzma Compromise Link Roundup

Shellsharks Michael Sass Mar 31, 2024

Links to analysis, discussion and more related to the xz/liblzma compromise (CVE-2024-3094).

2 inbound links article en infosec xz/liblzma Compromise Link Roundupshellsharksinfosecsupplychain