pull down to refresh

XZ backdoor: "It's RCE, not auth bypass, and gated/unreplayable."bsky.app/profile/filippo.abyssdomain.expert/post/3kowjkx2njy2b
20 sats \ 1 comment \ @hn 31 Mar 2024 tech
related
XZ backdoor behavior inside OpenSSHsecurelist.com/xz-backdoor-part-3-hooking-ssh/113007/
10 sats \ 0 comments \ @ch0k1 24 Jun 2024 news
Critical Unauthenticated RCE Flaw Impacts all GNU/Linux systemscybersecuritynews.com/critical-unauthenticated-rce-flaw/
349 sats \ 1 comment \ @ch0k1 24 Sep 2024 news
The Mystery of ‘Jia Tan,’ the XZ Backdoor Mastermindwww.wired.com/story/jia-tan-xz-backdoor/
523 sats \ 2 comments \ @ch0k1 3 Apr 2024 security
Inside the failed attempt to backdoor SSH globally — that got caught by chancedoublepulsar.com/inside-the-failed-attempt-to-backdoor-ssh-globally-that-got-caught-by-chance-bbfe628fafdd
2035 sats \ 23 comments \ @ch0k1 1 Apr 2024 security
Critical Vulnerability in Wazuh Server Enables Malicious Code Executioncybersecuritynews.com/wazuh-server-vulnerability-rce/amp/
21 sats \ 0 comments \ @ch0k1 4 Mar 2025 security
SonicWall Issues Critical Patch for Vulnerability Allowing Unauthorized Accessthehackernews.com/2024/08/sonicwall-issues-critical-patch-for.html?m=1
10 sats \ 0 comments \ @ch0k1 28 Aug 2024 security
A Win for Encryption: France Rejects Backdoor Mandatewww.eff.org/deeplinks/2025/03/win-encryption-france-rejects-backdoor-mandate
316 sats \ 0 comments \ @StillStackinAfterAllTheseYears 21 Mar 2025 security
Meta’s Llama Firewall Bypassed Using Prompt Injection Vulnerabilitycybersecuritynews.com/metas-llama-firewall/
21 sats \ 0 comments \ @ch0k1 14 Jul 2025 security
xz-utils backdoor situationgist.github.com/thesamesam/223949d5a074ebc3dce9ee78baad9e27
1617 sats \ 4 comments \ @ch0k1 30 Mar 2024 security
XZ backdoor story – Initial analysissecurelist.com/xz-backdoor-story-part-1/112354/
287 sats \ 0 comments \ @hn 13 Apr 2024 tech
Xzbot: Notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)github.com/amlweems/xzbot
21 sats \ 1 comment \ @hn 1 Apr 2024 tech
NixOS and reproducible builds could have detected the xz backdoorluj.fr/blog/how-nixos-could-have-detected-xz.html
113 sats \ 1 comment \ @hn 23 Mar 2025 tech
Backdoor Found in XZ Tools Used by Most Linux Distroswww.nobsbitcoin.com/backdoor-in-xz-tools-used-by-most-linux-distros/
96 sats \ 0 comments \ @BitcoinIsTheFuture 29 Mar 2024 econ
State Actors & Incentives - XZ Utils Backdoor Demonstrates the Evil of the State
142 sats \ 0 comments \ @kepford 12 Apr 2024 libertarian
Backdoor in upstream xz/liblzma leading to SSH server compromisewww.openwall.com/lists/oss-security/2024/03/29/4
10 sats \ 1 comment \ @hn 31 Mar 2024 tech
The Watchman Privacy Podcast • 104 - XZ Backdoor: A FOSS Danger Storyfountain.fm/episode/dXe9ofoqdk80yzgAFdGG
10 sats \ 0 comments \ @Rsync25 21 May 2024 bitdevs
SolarWinds left critical hardcoded credentials in its Web Help Desk productwww.theregister.com/AMP/2024/08/22/hardcoded_credentials_bug_solarwinds_whd/
10 sats \ 0 comments \ @ch0k1 23 Aug 2024 news
research!rsc: Timeline of the xz open source attackresearch.swtch.com/xz-timeline
10 sats \ 0 comments \ @Rsync25 2 Apr 2024 tech
Marty's Bent Issue #1283: Trusted third parties are security holestftc.io/martys-bent/issue-1283-trusted-third-parties-are-security-holes/
65 sats \ 1 comment \ @cryptocoin 22 Nov 2022 bitcoin
Nation state backdoor found in Cisco firewalls (again..?)www.youtube.com/watch?v=GMiGHWTPv5Q
21 sats \ 2 comments \ @zarko 3 May 2024 security
Hacker targets other hackers and gamers with backdoored GitHub codewww.bleepingcomputer.com/news/security/hacker-targets-other-hackers-and-gamers-with-backdoored-github-code/
10 sats \ 0 comments \ @ch0k1 4 Jun 2025 security