Major Linux distributions have been impacted by a supply chain attack involving backdoored versions of the XZ Utils data compression library. The code was designed to execute at the end of configure and modify the liblzma library, which is part of the XZ Utils package, to provide unauthenticated access to the system. The backdoor interferes with authentication in sshd via systemd, tapping into the service that allows remote access to systems over the SSH protocol, potentially allowing attackers to break sshd authentication and gain access to the system. The US cybersecurity agency CISA advised developers and users to downgrade XZ Utils to a clean version and to check their systems for any malicious activity.

Read more: https://www.securityweek.com/supply-chain-attack-major-linux-distributions-impacted-by-xz-utils-backdoor/