Backdoor found in Piwik analytics software
A backdoor has been added to the web server analytics Piwik which allows attackers to take control of a system. Users who have setup Piwik in the last few weeks after downloading it from the server of the open source project and installing it, should review their servers immediately.
EDIT: For the official statement see http://piwik.org/blog/2012/11/securi...2012-nov-26th/
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump