What do you do when you learn about a new 0-day like the xzutils CVE? Come to 0.14 at 11am to see how Tetragon makes it easier to cope. There will be demos! #OSSsummit #eBPF
September 17, 2024 at 6:23 AM
What do you do when you learn about a new 0-day like the xzutils CVE? Come to 0.14 at 11am to see how Tetragon makes it easier to cope. There will be demos! #OSSsummit #eBPF
#XZUtils 5.6.2 (stable) has been released ( #xz / #LZMAUtils / #LZMA / #LZMA2 / #DataCompression / #CVE / #CVE20243094) tukaani.org/xz/
XZ Utils
tukaani.org
May 29, 2024 at 7:48 PM
#XZUtils 5.6.2 (stable) has been released ( #xz / #LZMAUtils / #LZMA / #LZMA2 / #DataCompression / #CVE / #CVE20243094) tukaani.org/xz/
#dockerhub still hosts dozens of #linux images with the #xz #backdoor
https://www.bleepingcomputer.com/news/security/docker-hub-still-hosts-dozens-of-linux-images-with-the-xz-backdoor/
#cybersecurity #foss #docker #xzutils
https://www.bleepingcomputer.com/news/security/docker-hub-still-hosts-dozens-of-linux-images-with-the-xz-backdoor/
#cybersecurity #foss #docker #xzutils
Docker Hub still hosts dozens of Linux images with the XZ backdoor
The XZ-Utils backdoor, first discovered in March 2024, is still present in at least 35 Linux images on Docker Hub, potentially putting users, organizations, and their data at risk. [...]
www.bleepingcomputer.com
August 14, 2025 at 2:03 PM
#dockerhub still hosts dozens of #linux images with the #xz #backdoor
https://www.bleepingcomputer.com/news/security/docker-hub-still-hosts-dozens-of-linux-images-with-the-xz-backdoor/
#cybersecurity #foss #docker #xzutils
https://www.bleepingcomputer.com/news/security/docker-hub-still-hosts-dozens-of-linux-images-with-the-xz-backdoor/
#cybersecurity #foss #docker #xzutils
XZ Utils introduce nuove opzioni di build multipiattaforma, mentre Rescuezilla 2.6 migliora la compatibilità hardware e UEFI con Ubuntu 24.10.
#backup #clonezilla #immagineISO #Linux #Partclone #rescuezilla #Rescuezilla26 #SecureBoot #Ubuntu2410 #XZUtils
www.matricedigitale.it/tech/xz-util...
#backup #clonezilla #immagineISO #Linux #Partclone #rescuezilla #Rescuezilla26 #SecureBoot #Ubuntu2410 #XZUtils
www.matricedigitale.it/tech/xz-util...
March 26, 2025 at 7:30 AM
XZ Utils introduce nuove opzioni di build multipiattaforma, mentre Rescuezilla 2.6 migliora la compatibilità hardware e UEFI con Ubuntu 24.10.
#backup #clonezilla #immagineISO #Linux #Partclone #rescuezilla #Rescuezilla26 #SecureBoot #Ubuntu2410 #XZUtils
www.matricedigitale.it/tech/xz-util...
#backup #clonezilla #immagineISO #Linux #Partclone #rescuezilla #Rescuezilla26 #SecureBoot #Ubuntu2410 #XZUtils
www.matricedigitale.it/tech/xz-util...
En plus de faire des lives recaps du #DevFestNantes, @ponceto91.bsky.social nous présente l'anatomie de la faille de l'enfer sur xzutils ! Terrifiant 🙀
October 18, 2024 at 1:14 PM
En plus de faire des lives recaps du #DevFestNantes, @ponceto91.bsky.social nous présente l'anatomie de la faille de l'enfer sur xzutils ! Terrifiant 🙀
the jstor logo looks like the pfp from jia tan the group from the xzutils backdoor shit
September 20, 2024 at 12:32 AM
the jstor logo looks like the pfp from jia tan the group from the xzutils backdoor shit
#Microsoft FAQ and guidance for #XZUtils backdoor #vulnerability in #Linux distributions
www.elevenforum.com/t/microsoft-...
www.elevenforum.com/t/microsoft-...
April 2, 2024 at 1:33 PM
#Microsoft FAQ and guidance for #XZUtils backdoor #vulnerability in #Linux distributions
www.elevenforum.com/t/microsoft-...
www.elevenforum.com/t/microsoft-...
#XZUtils 5.8.1 (stable) has been released ( #xz / #LZMAUtils / #LZMA / #LZMA2 / #DataCompression ) tukaani.org/xz/
XZ Utils
tukaani.org
April 8, 2025 at 11:39 PM
#XZUtils 5.8.1 (stable) has been released ( #xz / #LZMAUtils / #LZMA / #LZMA2 / #DataCompression ) tukaani.org/xz/
#XZUtils 5.6.4 (stable) has been released ( #xz / #LZMAUtils / #LZMA / #LZMA2 / #DataCompression ) tukaani.org/xz/
XZ Utils
tukaani.org
February 23, 2025 at 5:19 AM
#XZUtils 5.6.4 (stable) has been released ( #xz / #LZMAUtils / #LZMA / #LZMA2 / #DataCompression ) tukaani.org/xz/
XZ Utils had been deliberately sabotaged by one of its developers, a move that could have carved out a secret door to millions of servers across the internet
#Microsoft #XZUtils #backdoor #software #developer #security #cybersecurity #hackers #hacking
www.reuters.com/technology/c...
#Microsoft #XZUtils #backdoor #software #developer #security #cybersecurity #hackers #hacking
www.reuters.com/technology/c...
Why a near-miss cyberattack put US officials and the tech industry on edge
German software developer Andres Freund was running some detailed performance tests last month when he noticed odd behavior in a little known program. What he found when he investigated has sent shudders across the software world and drawn attention from tech executives and government officials.
www.reuters.com
April 9, 2024 at 2:08 PM
XZ Utils had been deliberately sabotaged by one of its developers, a move that could have carved out a secret door to millions of servers across the internet
#Microsoft #XZUtils #backdoor #software #developer #security #cybersecurity #hackers #hacking
www.reuters.com/technology/c...
#Microsoft #XZUtils #backdoor #software #developer #security #cybersecurity #hackers #hacking
www.reuters.com/technology/c...
The latter is particularly concerning to me because we just don't know what potential adversarial training can do. If somebody cracks that, with just some commits to public GitHub repos, they could seed vulnerabilities/backdoors that make the XZUtils operation look quaint.
August 8, 2025 at 3:58 AM
The latter is particularly concerning to me because we just don't know what potential adversarial training can do. If somebody cracks that, with just some commits to public GitHub repos, they could seed vulnerabilities/backdoors that make the XZUtils operation look quaint.
Was talking #Linux to a friend and mentioned most of the internet is built on it. He, a well-informed person, had never heard about #XZutils attack but #Zetland have a very nice summary (in Danish, DeepL works well) so I'm sharing it again here
🎁
🎁
Et halvt sekund reddede internettet fra kollaps. Nogen havde plantet en tidsindstillet bombe. Men hvem?
I foråret saboterede en tysk computeringeniør, hvad der kunne have været et af de mest ødelæggende cyberangreb. Det var rent tilfælde. Hvorfor er verden sådan? Det undersøger vi i dag.
www.zetland.dk
June 1, 2024 at 10:20 AM
We still need to know what country was behind the #Xz vulnerability and whether it was ever used to breach any orgs #XZutils
therecord.media/malicious-ba...
therecord.media/malicious-ba...
Malicious backdoor code embedded in popular Linux tool, CISA and Red Hat warn
The malicious code affects XZ Utils, a tool that helps compress large file formats which is present in nearly every Linux distribution.
therecord.media
April 1, 2024 at 4:15 PM
We still need to know what country was behind the #Xz vulnerability and whether it was ever used to breach any orgs #XZutils
therecord.media/malicious-ba...
therecord.media/malicious-ba...
The Mystery of ‘Jia Tan,’ the XZ Backdoor Mastermind
www.wired.com/story/... #cybersecurity #nationstate #software #malware #backdoors #XZUtils
www.wired.com/story/... #cybersecurity #nationstate #software #malware #backdoors #XZUtils
April 4, 2024 at 2:00 PM
The Mystery of ‘Jia Tan,’ the XZ Backdoor Mastermind
www.wired.com/story/... #cybersecurity #nationstate #software #malware #backdoors #XZUtils
www.wired.com/story/... #cybersecurity #nationstate #software #malware #backdoors #XZUtils
バックドア付きXZ utilsがDockerイメージに残っている話。バックドアが付いたままイメージ作って更新されなければ、そりゃ残るよなぁ #linux #docker #xzutils
Persistent Risk: XZ Utils Backdoor Still Lurking in Docker Images: https://www.binarly.io/blog/persistent-risk-xz-utils-backdoor-still-lurking-in-docker-images
Persistent Risk: XZ Utils Backdoor Still Lurking in Docker Images: https://www.binarly.io/blog/persistent-risk-xz-utils-backdoor-still-lurking-in-docker-images
August 19, 2025 at 2:33 AM
バックドア付きXZ utilsがDockerイメージに残っている話。バックドアが付いたままイメージ作って更新されなければ、そりゃ残るよなぁ #linux #docker #xzutils
Persistent Risk: XZ Utils Backdoor Still Lurking in Docker Images: https://www.binarly.io/blog/persistent-risk-xz-utils-backdoor-still-lurking-in-docker-images
Persistent Risk: XZ Utils Backdoor Still Lurking in Docker Images: https://www.binarly.io/blog/persistent-risk-xz-utils-backdoor-still-lurking-in-docker-images
Warning, #XZUtils 5.6.0 has a #backdoor (#xz/#LZMAUtils/#LZMA/#LZMA2/#DataCompression), please revert quickly! #CVE20243094 (CVE-2024-3094) www.openwall.com/lists/oss-se...
March 30, 2024 at 10:56 AM
Warning, #XZUtils 5.6.0 has a #backdoor (#xz/#LZMAUtils/#LZMA/#LZMA2/#DataCompression), please revert quickly! #CVE20243094 (CVE-2024-3094) www.openwall.com/lists/oss-se...
Backdoor in XZ Utils That Almost Happened
schneier.com/blog/archive...
#Infosec #Security #Cybersecurity #CeptBiro #Backdoor #XZUtils #SchneierOnSecurity
schneier.com/blog/archive...
#Infosec #Security #Cybersecurity #CeptBiro #Backdoor #XZUtils #SchneierOnSecurity
Backdoor in XZ Utils That Almost Happened - Schneier on Security
schneier.com
April 11, 2024 at 12:36 PM
Backdoor in XZ Utils That Almost Happened
schneier.com/blog/archive...
#Infosec #Security #Cybersecurity #CeptBiro #Backdoor #XZUtils #SchneierOnSecurity
schneier.com/blog/archive...
#Infosec #Security #Cybersecurity #CeptBiro #Backdoor #XZUtils #SchneierOnSecurity
CVE-2024-3094: RCE Vulnerability Discovered in XZ Utils
kratikal.com/blog/cve-202...
#Infosec #Security #Cybersecurity #CeptBiro #RCE #Vulnerability #XZUtils
kratikal.com/blog/cve-202...
#Infosec #Security #Cybersecurity #CeptBiro #RCE #Vulnerability #XZUtils
CVE-2024-3094: RCE Vulnerability Discovered in XZ Utils - Kratikal Blogs
CVE-2024-3094 is a critical Remote Code Execution (RCE) vulnerability found in the popular open-source XZ Utils library.
kratikal.com
April 9, 2024 at 12:36 PM
CVE-2024-3094: RCE Vulnerability Discovered in XZ Utils
kratikal.com/blog/cve-202...
#Infosec #Security #Cybersecurity #CeptBiro #RCE #Vulnerability #XZUtils
kratikal.com/blog/cve-202...
#Infosec #Security #Cybersecurity #CeptBiro #RCE #Vulnerability #XZUtils
CVE-2025-31115: XZ Utils Hit Again with High-Severity Multithreaded Decoder Bug
A critical flaw in XZ Utils affects multithreaded decoding, risking system crashes and potential exploitation. Patch your systems now.
securityonline.info/cve-2025-311...
#Cybersecurity #XZUtils #Vulnerability
A critical flaw in XZ Utils affects multithreaded decoding, risking system crashes and potential exploitation. Patch your systems now.
securityonline.info/cve-2025-311...
#Cybersecurity #XZUtils #Vulnerability
CVE-2025-31115: XZ Utils Hit Again with High-Severity Multithreaded Decoder Bug
Learn about the XZ Utils vulnerability and its impact on data compression tools. Understand CVE-2025-31115 and its risks.
securityonline.info
April 7, 2025 at 7:20 AM
CVE-2025-31115: XZ Utils Hit Again with High-Severity Multithreaded Decoder Bug
A critical flaw in XZ Utils affects multithreaded decoding, risking system crashes and potential exploitation. Patch your systems now.
securityonline.info/cve-2025-311...
#Cybersecurity #XZUtils #Vulnerability
A critical flaw in XZ Utils affects multithreaded decoding, risking system crashes and potential exploitation. Patch your systems now.
securityonline.info/cve-2025-311...
#Cybersecurity #XZUtils #Vulnerability
On peut aussi parler de xzutils où on est passé à ça de la catastrophe... (en plus c'est tellement plus un scénario de roman d'espionnage qu'un pauvre déploiement qui a foiré)
July 19, 2024 at 11:33 AM
On peut aussi parler de xzutils où on est passé à ça de la catastrophe... (en plus c'est tellement plus un scénario de roman d'espionnage qu'un pauvre déploiement qui a foiré)
Backdoor in XZ Utils attiva in Docker Hub, attacchi brute-force su Fortinet e 3300 NetScaler vulnerabili aggravano l’allerta cyber globale.
#backdoor #bruteforce #CitrixBleed #fortinet #Matrix #NetScaler #supplychain #XZUtils
www.matricedigitale.it/2025/08/13/b...
#backdoor #bruteforce #CitrixBleed #fortinet #Matrix #NetScaler #supplychain #XZUtils
www.matricedigitale.it/2025/08/13/b...
August 13, 2025 at 11:35 AM
Backdoor in XZ Utils attiva in Docker Hub, attacchi brute-force su Fortinet e 3300 NetScaler vulnerabili aggravano l’allerta cyber globale.
#backdoor #bruteforce #CitrixBleed #fortinet #Matrix #NetScaler #supplychain #XZUtils
www.matricedigitale.it/2025/08/13/b...
#backdoor #bruteforce #CitrixBleed #fortinet #Matrix #NetScaler #supplychain #XZUtils
www.matricedigitale.it/2025/08/13/b...
Fehler zu beheben, sie weiter zu entwickeln, zu auditieren, zu portieren, zu pflegen.
Beispiele wie die Backdoor in den xzutils legen schonungslos offen, dass wir teilweise zentrale Komponenten der IT Security, ➡️
Beispiele wie die Backdoor in den xzutils legen schonungslos offen, dass wir teilweise zentrale Komponenten der IT Security, ➡️
May 10, 2025 at 6:44 AM
Fehler zu beheben, sie weiter zu entwickeln, zu auditieren, zu portieren, zu pflegen.
Beispiele wie die Backdoor in den xzutils legen schonungslos offen, dass wir teilweise zentrale Komponenten der IT Security, ➡️
Beispiele wie die Backdoor in den xzutils legen schonungslos offen, dass wir teilweise zentrale Komponenten der IT Security, ➡️
🐛 What we know about the xz Utils backdoor that almost infected the world
by Dan Goodin @dangoodin001 dan.goodin@arstechnica.com at @arstechnica
#XZbackdoor #xzUtils #malware
arstechnica.com/security/202...
by Dan Goodin @dangoodin001 dan.goodin@arstechnica.com at @arstechnica
#XZbackdoor #xzUtils #malware
arstechnica.com/security/202...
April 1, 2024 at 11:02 PM
🐛 What we know about the xz Utils backdoor that almost infected the world
by Dan Goodin @dangoodin001 dan.goodin@arstechnica.com at @arstechnica
#XZbackdoor #xzUtils #malware
arstechnica.com/security/202...
by Dan Goodin @dangoodin001 dan.goodin@arstechnica.com at @arstechnica
#XZbackdoor #xzUtils #malware
arstechnica.com/security/202...