XZ Backdoor / RCE (CVE-2024-3094) is the Biggest Supply Chain Attack Since Log4j
A severe backdoor has been discovered in XZ Utils versions 5.6.0 and 5.6.1, potentially allowing threat actors to remotely access systems using these versions within SSH implementations. Many major Linux distributions were inadvertently distributing compromised versions. Consult your distribution’s security advisory for specific impact information.