Carefully Crafted Campaign Led to XZ Utils Backdoor

The person or people that implanted malicious code into XZ Utils put time and effort into building trust in the open source software ecosystem.

Decipher Podcast: Source Code 3/29

Welcome back to Source Code, Decipher's weekly news wrap podcast with input from our sources.

CISA Releases Cyber Incident Reporting Rule Draft

CISA has laid out the proposed details of the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA).

Red Hat, CISA Warn of XZ Utils Backdoor

The malicious code (which is being tracked as CVE-2024-3094) is embedded in XZ Utils versions 5.6.0 and 5.6.1, and may allow unauthorized access to impacted systems.

U.S. Offers Reward For BlackCat Ransomware Group Intel

The U.S. government is looking for more information about the individuals affiliated with the BlackCat ransomware group, which was behind the Change Healthcare attack.