Linux distributor security list destroyed after hacker compromise
Hackers have compromised a private e-mail list used by Linux and BSD distributors to share information on embargoed security vulnerabilities and used a backdoor to sniff e-mail traffic, according to the moderator of the list.
In a note to “Vendor-Sec” members, moderator Marcus Meissner said he noticed the break-in on January 20 but warned that it might have existed for much longer.
I have disabled the specific backdoor, but as I am not sure how the break-in happened it might reappear. So I recommend not mailing embargoed issues to vendor-sec@….de at this time.