XZ Utils, a tool for compression/decompression, was infiltrated by a backdoor enabling remote code execution via SSH login certificates, impacting versions 5.6.0 and 5.6.1.
The backdoor implementation in XZ Utils, with potential state sponsorship, went undetected for about two years before being discovered serendipitously by a Microsoft engineer.
[
add
]
[
|
|
...
]