If it wasn’t for that Microsoft employee someone could have written a worm for the xz exploit and melt the whole internet. a missed opportunity for “malware” artists. well I figure the strategy of manipulating a lone maintainer to install a backdoor would work very easily on obscure projects like openbsd where nobody checks anything.