xz Utils Backdoor: The Most Sophisticated Supply Chain Attack Since SolarWinds
In March 2024, a Microsoft engineer accidentally discovered a backdoor in xz Utils that had been planted by an attacker who spent nearly three years building trust in the open-source community. The near-miss could have compromised millions of Linux servers.