Will a supply chain attack akin to the xz backdoor targeting developer toolchains be discovered before 2025?

23

1kṀ1503

resolved Jan 1

Resolved

NO

1H

6H

1D

1W

1M

ALL

Market resolves YES if a vulnerability/backdoor is intentionally introduced into an open source project used heavily by developers for the purpose of developing software, or if in my estimation it appears to directly target developer users. The market will resolve 12/31/24, so it must be discovered by then to qualify. Must be a project with at least 1k GitHub stars at the time of discovery.

Examples of projects I would consider part of developer toolchains under most circumstances (not an exhaustive list):

• homebrew (maybe arbitrary, but my assumption is that mostly developers use this)

• Linters/formatters

• LSPs

• Text editors and plugins/etc

• AI code assistants

• Programming environment/version managers (pipenv, rbenv, nvm, etc)

Examples of projects I would not consider in-scope under most circumstances:

• The Linux kernel

• curl

• OpenSSH

• General LLMs

• Most libraries that are simply imported into other software projects

Information security

Get

1,000

to start trading!

🏅 Top traders

#	Name	Total profit
1		Ṁ181
2		Ṁ150
3		Ṁ17
4		Ṁ10
5		Ṁ9

People are also trading

Is a state actor behind the XZ backdoor?

Will a Silicon Valley company be the target of a domestic terrorism attack by end 2025?

Will my employer be hit with a major ransomware attack again by the end of 2025?

Will a cyber attack by a top 10 GDP nation exposing mass private civilian data occur before 2028?

Will there be a major bioattack by EOY 2025 where an LLM provided relevant information to the attacker(s)?

Will any advanced AI chip fabs or their key supply chains be heavily physically damaged deliberately by 2028?

Yet another large coordinated "exploding devices" attack before 2026?

Will the US require hardware security features on cutting-edge chips by 2028?

Will an adversarial attack for the human brain, a la "basilisk" from BLIT, be discovered by 2030?

Will there be a terrorist attack against OpenAI before 2027?

Related questions

Is a state actor behind the XZ backdoor?

Will a Silicon Valley company be the target of a domestic terrorism attack by end 2025?

Will my employer be hit with a major ransomware attack again by the end of 2025?

Will a cyber attack by a top 10 GDP nation exposing mass private civilian data occur before 2028?

Will there be a major bioattack by EOY 2025 where an LLM provided relevant information to the attacker(s)?

Will any advanced AI chip fabs or their key supply chains be heavily physically damaged deliberately by 2028?

Yet another large coordinated "exploding devices" attack before 2026?

Will the US require hardware security features on cutting-edge chips by 2028?

Will an adversarial attack for the human brain, a la "basilisk" from BLIT, be discovered by 2030?

Will there be a terrorist attack against OpenAI before 2027?

© Manifold Markets, Inc.•Terms•Privacy