The next xz attack

Session Abstract

Gemini hat gesagt
The 2021–2024 xz backdoor attack exploited social engineering to target critical SSH infrastructure. This talk warns that, fueled by LLMs, similar attacks will rise, and the traditional profile of “undermaintained” projects being the only targets no longer applies. Security models must adapt to these sophisticated new threats.

Session Description

Between 2021 and 2024 a successful social engineering attack inserted a backdoor into the xz compression library which, due to
xz’s use in the SSH protocol for connecting to remote servers securely, could have allowed the attacker access to practically any
server running an open source OS in the world. This talk will suggest that, in the age of LLMs, this is not the last attack of this kind
we will see, and that the classical vulnerability profile of an undermaintained project, which was seen in the case of xz, may not
necessarily apply.

Auditorium
16.Mar 2026
17:40pm - 17:45pm
Lightning Talk
Daphne Preston-Kendal
Daphne Preston-Kendal
All Speakers
All Sessions