jbz boosted
🐺 Wolves in the Repository: A Software Engineering Analysis of the XZ Utils Supply Chain Attack
「 a new breed of supply chain attack that manipulates software engineering practices themselves – from community management to CI/CD configurations – to establish legitimacy and maintain long-term control 」