Recently a bad actor, implemented a backdoor is one of the most widely used libraries in GNU/Linux distors; the xz compression suit. This backdoor lets the attacker to execute system() calls with no authentication; an RCE attack.
It seems this bad actor; called "JiaT75" was planning for this during last 2 years and succeeded to do so after acquiring trust and becoming a trusted developer of the project.
In this video I will explain the attack and the background knowledge needed to understand it.
Top comments (0)