Assessing the Y, and How, of the XZ Utils incident
SecureList
APRIL 24, 2024
The backdoor code was inserted in February and March 2024, mostly by Jia Cheong Tan, likely a fictitious identity. And, in what seems to be a learned approach, the XZ Utils project penetration was likely a patient, multi-year approach, both planned in advance but somewhat clumsily executed. It’s highly recommended reading.
Let's personalize your content