Subject: backdoor in upstream xz/liblzma leading to ssh server compromise Check news.ycombinator.com/item?id=39865810 comments as well