* [Bullying in Open Source Software Is a Massive Security Vulnerability](https://www.404media.co/xz-backdoor-bullying-in-open-source-software-is-a-massive-security-vulnerability/)
* [Why a near-miss cyberattack put US officials and the tech industry on edge](https://www.reuters.com/technology/cybersecurity/why-near-miss-cyberattack-put-us-officials-tech-industry-edge-2024-04-05/)
* [Backdoor found in widely used Linux utility targets encrypted SSH connections](https://arstechnica.com/security/2024/03/backdoor-found-in-widely-used-linux-utility-breaks-encrypted-ssh-connections/)
* [What can you actually do to reduce the threat of hacks like xz?](https://www.fastly.com/blog/what-can-you-actually-do-to-reduce-the-threat-of-hacks-like-xz)
* [NYT: Did One Guy Just Stop a Huge Cyberattack?](https://www.nytimes.com/2024/04/03/technology/prevent-cyberattack-linux.html?unlocked_article_code=1.hk0.72fI.IyWXvuupgMrj&smid=nytcore-ios-share&referringSource=articleShare&ugrp=m&sgrp=c-cb)
* [Binarly released a free online scanner to detect the CVE-2024-3094 Backdoor](https://securityaffairs.com/161396/security/cve-2024-3094-backdoor-scanner.html)
* [Timeline of the xz open source attack](https://research.swtch.com/xz-timeline)
* [Everything I Know About the XZ Backdoor](https://boehs.org/node/everything-i-know-about-the-xz-backdoor)
* [xzbot Exploration of the xz backdoor (CVE-2024-3094)](https://github.com/amlweems/xzbot)
* [The XZ Backdoor CVE-2024-3094](https://snyk.io/blog/the-xz-backdoor-cve-2024-3094/)
* [Easy-to-use make-me-root exploit lands for recent Linux kernels. Get patching](https://www.theregister.com/2024/03/29/linux_kernel_flaw/?utm_source=tldrinfosec)
* [Backdoor Discovered in xz/liblzma Compression Library](https://sourcesmethods.com/xz-utils-backdoor-discovered/)
* [Linux could have been brought down by backdoor found in widely used utility](https://www.techspot.com/news/102456-linux-could-have-brought-down-backdoor-found-widely.html)
* [Technologist vs spy: the xz backdoor debate](https://lcamtuf.substack.com/p/technologist-vs-spy-the-xz-backdoor)
* [How the backdoor was found](https://mastodon.social/@AndresFreundTec/112180406142695845)
* [Backdoor found in widely used Linux utility breaks encrypted SSH connections](https://arstechnica.com/security/2024/03/backdoor-found-in-widely-used-linux-utility-breaks-encrypted-ssh-connections/)
* [An Accidental Discovery of a Backdoor Likely Prevented Thousands of Infections](https://securityboulevard.com/2024/03/an-accidental-discovery-of-a-backdoor-likely-prevented-thousands-of-infections/)
* [The Xz Backdoor Highlights the Vulnerability of Open Source Software—and Its Strengths](https://www.404media.co/the-xz-backdoor-highlights-the-vulnerability-of-open-source-software-and-its-strengths/)