Executive Overview In late March 2024, the global cybersecurity and open-source software communities were confronted with a watershed event: the discovery of a highly sophisticated, multi-year supply chain compromise targeting the XZ Utils compression library. Tracked under the Common Vulnerabilities and Exposures identifier CVE-2024-3094, this vulnerability was immediately assigned a maximum Common Vulnerability Scoring System (CVSS) score of 10.0, reflecting its critical se

Our team, consisting of Anugreh Newton, Rutuja Kharat, Judah Benjamin Raj, and myself, recently embarked on an exciting project to...