A Microsoft developer has found a backdoor in a software package of a compression library widely used in Linux systems that could have resulted in a massive software supply chain attack. The author of the backdoor was a maintainer of the open source library and had spent years developing the software compromise.
Source: Infosecurity