A security researcher uncovered a sophisticated supply‑chain attack where a malicious contributor infiltrated the open‑source xz project, inserted a hidden backdoor into versions 5.6.0 and 5.6.1, and leveraged it to compromise systems that rely on xz via OpenSSH.
Red Hat's urgent security advisory reveals that the latest xz 5.6.0/5.6.1 tools and libraries contain sophisticated malicious code that can grant unauthorized remote access, impacting Fedora 40, Fedora 41, and Rawhide while leaving all RHEL versions unaffected.
A recent security analysis reveals how a malicious contributor infiltrated the open‑source xz compression tool over two and a half years, inserted a backdoor using IFUNC hooks to compromise OpenSSH, and was eventually uncovered due to a CPU‑spike bug, highlighting severe risks for Linux and macOS systems.
This article provides a comprehensive overview of the most frequently used Linux compression utilities (zip, gzip, bzip2, xz) and the tar archiving command, detailing their syntax, key options, how to combine them, and practical examples for compressing and extracting files and directories.
This guide provides a comprehensive overview of common Linux compression and decompression utilities—including gzip, bzip2, zip/unzip, xz, and tar—detailing their descriptions, key options, usage examples, and tips for handling files and directories efficiently.
Learn how to use the Linux tar command to archive files and directories, explore options for creating, listing, and extracting archives, and compare gzip, bzip2, and xz compression methods with performance metrics and practical examples.
