homepage
Menu
Open menu

Beneath the Mask: Can Contribution Data Unveil Malicious Personas in Open-Source Projects?

In February 2024, after building trust over two years with project maintainers by making a significant volume of legitimate contributions, GitHub user "JiaT75" self-merged a version of the XZ Utils project containing a highly sophisticated well-disguised backdoor targeting sshd processes running on...
By
Ruby Nealon
May 13, 2025
Download

All papers are copyrighted. No re-posting of papers is permitted

470x382_Generic_Whitepaper.jpg

Related Content

Blog
ransomware 25 340x340.png
Digital Forensics, Incident Response & Threat Hunting, Cyber Defense, Offensive Operations, Pen Testing, and Red Teaming
Visual Summary of SANS Ransomware Summit 2025
Check out these graphic recordings created in real-time throughout the event for SANS Ransomware Summit 2025
No Headshot Available
Alison Kim
read more
Blog
Blog Teaser: Shoplifting2.0 340x340.jpg
Digital Forensics, Incident Response & Threat Hunting
Shoplifting 2.0: When it’s Data the Thieves Steal
Identify steps organisations can implement to protect against Scattered Spider and DragonForce
Adam Harrison
Adam Harrison
read more
Blog
340x340.png
Artificial Intelligence (AI)
A Visual Summary of SANS AI Cybersecurity Summit 2025
Check out these graphic recordings created in real-time throughout the event for SANS AI Cybersecurity Summit 2025
No Headshot Available
Alison Kim
read more