<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=705633339897683&amp;ev=PageView&amp;noscript=1">

Featured

Recap: Life as an open source maintainer after xz

It’s been six weeks since a developer uncovered a hack of epic scope in the popular Linux compression library called xz utils (previously known as ...
Amy Hays
by Amy Hays
on May 15, 2024

Is xz actually an open source success story?

By Jeremy Katz on April 17, 2024
It’s been just over two weeks since we all learned about a backdoor that had been slowly and carefully placed in the xz-utils library over a period ...

Maintainer panel: Hear from maintainers in a post-xz utils backdoor world

By Amy Hays on April 15, 2024
A few weeks ago, a very sinister, sophisticated hack was uncovered in an obscure but ubiquitous Linux library called xz utils.

xz utils hack: what is it?

By Luis Villa on April 2, 2024
Late last week, a developer noticed some unusual behavior on their computer, investigated it, and uncovered a hack of epic scope, in an obscure but ...

Had enough of the zero-day exploit and fire drill?

By Havoc Pennington on December 6, 2018
Yeah, there will always be more.

Event-stream: 100 million downloads, unmaintained, hacked. Now can we pay the !@#$% maintainers?

By Keenan Szulik on November 27, 2018
Late last week, users of the popular JavaScript library event-stream discovered a vulnerability in the package caused by a malicious actor who had ...
  • There are no suggestions because the search field is empty.

Don't miss the latest from Tidelift

Filter by Topic