A curious Microsoft employee has saved the world from a potential global meltdown as several Linux distros were found vulnerable to an XZ backdoor tracked under CVE-2024-3094 (CVSS score of 10.0).
Critical vulnerability RSS
The bug has apparently been lurking in the browser's UI for some time, and no known exploits apparently had occurred, but the good news is that the fix affects build 58, beta 59, and future builds.