Suggested Reads

Code shines up nicely in production, says Chocolate Factory's Bergstrom

A mysterious contributor who planted the backdoor helped maintain the widely used xz compression library for the past two years. So what else was hidden in there?

The xz-utils backdoor in security advisories by national CSIRTs, Author: Jan Kopriva

There's also a wide spread when it comes to acceptable range, Edmunds found.

Redis CEO scoffs at the fork, characterizing it as an underhanded ploy of the cloud providers to avoid paying licensing fees.

At KubeCon Europe, we heard a lot about the current and future relationship of AI and Kubernetes, the orchestrator originally built to be stateless.

A new project to resume development on the formerly open-source Redis project. - valkey-io/valkey

Ukraine is building 1,200 miles of fortifications. Some military officials are asking why work didn't start months ago.

Vendor takes hardline approach to patch disclosure to new levels

While the uutils Rust-written Coreutils effort has been chugging along, the upstream GNU Coreutils effort is showing no signs of slowing down

Hidden skills can include adaptability, public speaking and a knack for documentation.

BeagleY-AI is a $70 Raspberry Pi-shaped PC with a 4 TOPS AI accelerator, WiFi 6 and Gigabit Ethernet

BTW, I am not saying that this is what happened in the #xz backdoor case, but what does not help is, github makes it quite trivial to spoof user accounts... I was just able to make a commit as this person, in my own repository: https://t.co/h7TgTsT5J9 pic.twitter.com/EgoIdGzYKB— hasherezade (@hasherezade) March 31, 2024

To deploy Burp Suite Enterprise Edition to Kubernetes: Step 1: Set up your Kubernetes cluster Step 2: Install the application Step 3: Create the admin user ...

A sweeping new policy from the Office of Management and Budget also instructs agencies to disclose AI tools they use and prevent discrimination, other risks.

Discover amazing ML apps made by the community

Companies are trying to make the "AI PC" happen with new silicon and software.

A nova named T Coronae Borealis lit up the night about 80 years ago, and astronomers say it’s expected to put on another show in the coming months.

Those hoping to see the nova display should look for the constellation Corona Borealis, or "Northern Crown."

As of 5:00 pm ET on March 29, 2024 the following information is accurate. Should there be updates to this situation, they will be edited onto this blog post. The xz-utils package, starting from versions 5.6.0 to 5.6.1, was found to contain a backdoor (CVE-2024-3094). This backdoor could potentially allow a malicious actor to compromise sshd authentication, granting unauthorized access to the entire system remotely.

Poisoned Easter eggs for all: Apparent supply chain attack caught mercifully early…

Red Hat in all caps says STOP USAGE OF ANY FEDORA RAWHIDE INSTANCES

Some staff are worried – can't think why

Please note: This is being updated in real time. The intent is to make sense of lots of simultaneous discoveries