GitHub

luau-project/lua-xz

For this example, we compress the README.md file of this project, which might even become larger than the original due its small size. In the end of the script execution, a file named README.md.lzma ...
TechCrunch

How to make open source software more secure

Earlier this year, a Microsoft developer realized that someone had inserted a backdoor into the code of open source utility XZ Utils, which is used in virtually all Linux operating systems. The ...
GitHub

Cannot flash xz file compiled from img (.img.xz)

I was trying to flash a samsung 64GB microsd card with a disk image I made from a ubuntu 22.04.5 LTS running on a raspberry pi 4. The etcher was installed on a macbook with m1 pro and 16gb ram. Using ...
GIGAZINE

Security company Kaspersky explains how the backdoor of the compression tool 'XZ Utils' used in Linux environments is embedded

XZ is a compression tool used in many Linux distributions, and this time the attack specifically targeted the OpenSSH server process 'sshd.' In distributions such as 'Ubuntu,' 'Debian,' and ...
theregister

Open sourcerers say suspected xz-style attacks continue to target maintainers

Open source groups are warning the community about a wave of ongoing attacks targeting project maintainers similar to those that led to the recent attempted backdooring of a core Linux library. Higher ...
NPR

The hack that almost broke the internet

Last month, the world narrowly avoided a cyberattack of stunning ambition. The targets were some of the most important computers on the planet. Computers that power the internet. Computers used by ...
techzine

xz backdoor shows how vulnerable open-source is to hackers playing the long game

A security leak in the Linux compression tool xz shows open-source systems’ vulnerability to multi-year infiltration tactics by “trusted” contributors. In this case, the culprits added malicious code ...