XZ Utils cyberattack likely not an isolated incident By Robin Bender Ginn, Executive Director, OpenJS Foundation; and Omkhar Arasaratnam, General Manager, Open Source Security Foundation The recent attempted XZ Utils backdoor (CVE-2024-3094) may not be an isolated incident as evidenced by a similar credible takeover attempt intercepted by the OpenJS Foundation, home to JavaScript projects used by billions of websites worldwide. The Open Source Security (OpenSSF) and OpenJS Foundations are callin...