Why Nostr? What is Njump?
2024-04-06 10:34:59

Peter on Nostr: The recent ZX hack is quite an impressive long con hack on a carefully picked open ...

The recent ZX hack is quite an impressive long con hack on a carefully picked open source project, slowly gaining trust and then getting hidden malicious code signed. Glad this was found early and did not land into debian LTS, would have been quite bad. Check out the tldr video or jfrog post mortem:

https://youtu.be/bS9em7Bg0iU?si=6QI-fZQ3pm0baIzB

https://jfrog.com/blog/xz-backdoor-attack-cve-2024-3094-all-you-need-to-know/
Author Public Key
npub1fldgkyxjm92mr7zlrejmhd3ymlzx2awhpxpwserzl5v2w7a7a93q0n7wu7