Kyle Rankin on Nostr: Whenever security incidents happen, you always see certain vendors take part in ...
Whenever security incidents happen, you always see certain vendors take part in ambulance chasing: blog posts that talk about how *their* product could have prevented it.
I've come to expect it from commercial vendors, but I didn't expect OpenSSF to do it, especially when their charter is precisely to prevent things like this from happening in exactly these kinds of under-resourced-but-important projects.
https://openssf.org/blog/2024/03/30/xz-backdoor-cve-2024-3094/