XZ Utils Backdoor Implanted in Carefully Executed, Multiyear Supply Chain Attack

Had a Microsoft developer not spotted the malware when he did, the outcome could have been much worse.