A software supply chain meltdown: What we know about the XZ Trojan

Security experts are sounding alarms about what some are calling the most sophisticated supply chain attack ever carried out on an open source project: a malicious backdoor planted in xz/liblzma (part of the xz-utils package), a popular open source compression tool.

The post A software supply chain meltdown: What we know about the XZ Trojan appeared first on Security Boulevard.
