Apr 2, 2024
Tom and Chunga have a good one for you today!
Late last week, news broke that an extremely dangerous backdoor CVE, built within the XZ compression library had compromised Linux Debian Unstable and Fedora 40-41. Fortunately, was discovered before it could hit an enterprise platform!
Tom says this particular CVE was especially dangerous and hard to detect because it was built deep into the XZ compression library. As dangerous as it was, it was also brilliant backdoor hack because nobody ever pays any attention to the compression library! Plus, the hacker took an extremely long time to execute his or her plan. It was so smart in fact, that Tom says we're all very lucky it was ever discovered.
Chunga has a theory that this is only the beginning when it comes to what this individual is actually planning. He's of the opinion that this person has several of these CVE's built into multiple open source software platforms. Does Tom agree with this theory? Listen NOW to find out!