Backdoor found in widely used Linux utility breaks encrypted SSH connections | Ars Technica
TL;DR there was a backdoor found in the XZ program. All major distros have been updated but it is recommended that you do a fresh install on systems that are exposed to the internet and that had the bad version of the program. Only upstream distros were affected.
![](https://incremental.social/media/cache/resolve/entry_thumb/49/41/4941f6e5c4cb2d8d4512a181e22d8e56968fe5ba5f07ec436c53fbdb0e3608a8.jpg)