Why you should care about the xz exploit
The greatest backdoor there never was: CVE-2024–3094
Published in
7 min readApr 10, 2024
On Friday, March 29, 2024, Andres Freund rocked the open-source software (OSS) community, and, frankly, the entire software community by revealing that he had found a shocking backdoor in the xz compression utils. The Microsoft engineer goes into some detail about the steps he took to find the cause of the…