Breaches and Hacks

xz Backdoor

• An incredibly technically complex backdoor in xz (potentially also in libarchive and elsewhere) was just discovered

MOVEit

• CMS Responding to Data Breach at Contractor | CMS
• CMS Notifies Additional Individuals Potentially Impacted by MOVEit Data Breach | CMS

Microsoft Breaches

• CISA Issues Emergency Directive 24-02: Mitigating the Significant Risk from Nation-State Compromise of Microsoft Corporate Email System | CISA

Sisense

• Why CISA is Warning CISOs About a Breach at Sisense – Krebs on Security