The open-source Apache Software Foundation pulled its Apache.org Web site offline for about three hours today because of server hack caused by a compromised SSH key.
A brief message posted on the site made it clear the compromise was “not due to any software exploits in Apache itself”, but was actually caused by a compromised SSH key.
See the initial report from Apache.
Source: ZDnet