Malicious backdoor in open-source messaging apps not spotted for 3 months: ars technica: If you downloaded one of three messaging apps from the Horde Project's FTP server between November and February, you may be wide open to attacks. It's not the first time a trusted developer of open-source software has been hacked.