“backdoor in upstream xz/liblzma leading to ssh server compromise”, detailed analysis by Andres Freund 👇

https://www.openwall.com/lists/oss-security/2024/03/29/4