Open source organizations claim that more software projects might have been the subject of sabotage.
The Open Source Security Foundation and the OpenJS Foundation have released a joint statement stating that the attempt to introduce a covert backdoor into XZ Utils, a little-known application that is included into Linux operating systems worldwide,'may not be an isolated incident'.
The Open Source Security Foundation and the OpenJS Foundation have released a joint statement stating that the attempt to introduce a covert backdoor into XZ Utils, a little-known application that is included into Linux operating systems worldwide,'may not be an isolated incident'.
According to an alert sent on Monday by two open source organizations, there may have been many efforts to compromise important internet-wide digital infrastructure, including the recent attempt by an unidentified actor to disrupt a widely used software program.
They said that anonymous people had targeted at least three separate JavaScript projects and were requesting suspicious modifications or wanting to become program maintainers.
The majority of the contemporary web is powered by the JavaScript programming language, which is widely used worldwide. The general manager of the Open Source Security Foundation, Omkhar Arasaratnam, stated that tens of millions of downloads were made each week for just one of the targeted packages.
Arasaratnam also said that while it wasn’t clear what the suspected malicious actors were hoping to do – “we stopped them before they got that far” –he had a suspicion that they also wanted to include backdoors in such programs.
News source:
What's Your Reaction?