tags:openSSHsupply_chain original link: OpenSSH Backdoors newsletter link: exploits.club Weekly Newsletter 36 - Regex Fuzzing, C++ Metadata, Kernel Streaming, And More
Exploits Club Summary:
Everyone’s favorite blogger, @benhawkes returned to the Isosceles blog this week to write about the OpenSSH backdoor…and maybe not the one you are thinking of. The post examines a backdoor attempt of the critical software back in 2002 and compares the similarities and differences to the 2024 xz-util debacle. The biggest takeaway? Supply chain security is a real mess.