PLEASE. I keep seeing it in memes. As I understand it the latest version of the xz
package (present in rolling release distros like Arch and SUSE Tumbleweed) has “a backdoor”, but I have no earthly clue what can be done by malicious folks with access to that backdoor or if I should be afraid or how to check if my distro is compromised or how to prevent damage if it is or (…)
Maybe initially, when nobody knew about it. I bet it’ll be reverse engineered and filtered down to script kiddies soon, if it hasn’t already. If your server is affected, you should definitely fix it or even reinstall.