VestaCP compromised in a new supply-chain attack Customers see their admin credentials stolen and their servers infected with Linux/ChachaDDoS October 18, 2018 https://www.welivesecurity.com/2018...alware-distributed-servers-vestacp-installed/
Widely used open source software contained bitcoin-stealing backdoor https://arstechnica.com/information...y-used-open-source-software-to-steal-bitcoin/
Distributing Malware By Becoming an Admin on an Open-Source Project November 28, 2018 https://www.schneier.com/blog/archives/2018/11/distributing_ma.html