Security · 8h ago
'Half a Second' Book Chronicles the XZ Backdoor Attack
A new book titled 'Half a Second' details the sophisticated supply-chain attack on the XZ compression library. The incident, discovered in 2024, involved a malicious backdoor that could have compromised SSH authentication on Linux systems. The book explores the technical and social engineering aspects of the attack.
Meridian48 take
While the book offers a thorough postmortem, it remains to be seen whether the industry will implement the systemic changes needed to prevent similar supply-chain compromises.
xz-backdoorsupply-chain-attack