News and Notes from the Makers of Nexus | Sonatype Blog

CVE-2024-3094 The targeted backdoor supply chain attack against XZ and liblzma

By Ilkka Turunen on April 01, 2024 Software Supply Chain

Learn about a new, targeted backdoor supply chain attack against the popular XZ compression utility seen in many Linux distributions such as fedora and debian. Understand its impact, potential risks

2 minute read time

Sonatype is automating container security via an open API that makes it easy for third-party container scanners to integrate with Nexus Lifecycle - starting.

CVE-2024-3094 The targeted backdoor supply chain attack against XZ and liblzma

Nexus Lifecycle Now Integrates With Red Hat Clair to Secure Containers Across the SDLC

Secure your software supply chain

Subscribe for all the latest software security news and events