Red Hat warns of backdoor in XZ tools used by most Linux distros
ID: c5a81d5d-774b-5299-b348-9041738d4d60
STIX ID: report--c5a81d5d-774b-5299-b348-9041738d4d60
Feed Name: Bleeping Computer
**Executive summary:** A malicious backdoor was found injected into XZ Utils/liblzma (versions 5.6.0 and 5.6.1). It enables interference with sshd authentication via systemd and potentially allows unauthorized pre-auth remote access. Major Linux distributions and security agencies (Red Hat, Debian, CISA) have issued high-severity advisories (CVE-2024-3094, CVSS 10.0) and recommended downgrades and forensic hunts.
