Featured

Is xz actually an open source success story?

It’s been just over two weeks since we all learned about a backdoor that had been slowly and carefully placed in the xz-utils library over a period ...
By Jeremy Katz on April 17, 2024

Maintainer panel: Hear from maintainers in a post-xz utils backdoor world

By Amy Hays on April 15, 2024
A few weeks ago, a very sinister, sophisticated hack was uncovered in an obscure but ubiquitous Linux library called xz utils.

xz utils hack: what is it?

By Luis Villa on April 2, 2024
Late last week, a developer noticed some unusual behavior on their computer, investigated it, and uncovered a hack of epic scope, in an obscure but ...

Had enough of the zero-day exploit and fire drill?

By Havoc Pennington on December 6, 2018
Yeah, there will always be more.

Event-stream: 100 million downloads, unmaintained, hacked. Now can we pay the !@#$% maintainers?

By Keenan Szulik on November 27, 2018
Late last week, users of the popular JavaScript library event-stream discovered a vulnerability in the package caused by a malicious actor who had ...
