Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Ah, so the next stage would have been to add a "bug" in xz that would trigger during the supposedly sandboxed execution, when presented with certain input files. Clever.



Well, is also quite possible that adding such a bug was the previous stage. Or even just having found one that you didn't report/fix...




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: