Backdoor discovered in XZ Utils by Microsoft developer
The Intercept — April 4, 2024, 12:00 AM UTC
Summary: Microsoft developer Andres Freund discovered a backdoor in XZ Utils, a widely used data compression utility in Linux-based applications. The backdoor, introduced by user Jia Tan, could compromise systems. Tan gained trust in the XZ project, eventually becoming a co-maintainer. U.S. intelligence agencies are investigating. GitHub disabled Tan's account. The open-source nature of the project allowed for the backdoor's discovery before distribution.
Article metrics
The article metrics are deprecated.
I'm replacing the original 8-factor scoring system with a new and improved one. It doesn't use the original factors and gives much better significance scores.