SSH, everyone's favorite nifty remote commandline tool. Recently there was a bit of a panic when people realized there was a vulnerability in the current version, and sysadmins rushed to upgrade to a brand-new version with a fix. If this was you, you might want to pay attention: the latest version has been [glowpurple]trojaned[/glowpurple] .

The incidents@securityfocus.com mailing list was notified early this morning. The guy who discovered the trojan has a weblog, which is over its bandwidth limitations for the moment thanks to Slashdot. Also thanks to Slashdot, a karma-whoring copy of the revelant info on that weblog is available. We owe it all to MD5 checksumming.