A timeline of the attack on open-source project XZ Utils, which began in late 2021 and led to a backdoor with RCE in Linux distros from Debian, Red Hat, others (research!rsc)

research!rsc:
A timeline of the attack on open-source project XZ Utils, which began in late 2021 and led to a backdoor with RCE in Linux distros from Debian, Red Hat, others  —  Over a period of over two years, an attacker using the name “Jia Tan” worked as a diligent, effective contributor to the xz compression library …

from Techmeme https://ift.tt/Sf2BvxA