Juniper Networks has had quite the week. On Thursday it seems that some unauthorized code was found to have been inserted into their ScreenOS, which forms the basis for their hardware filewalls. This malicious code would allow a backdoor into the firewall, letting potential attackers decrypt VPN traffic with the keys found inside.
The fun doesn't stop there, however. Now the FBI has now gotten involved and will be investigating the possibility of whether foreign governments had been involved with inserting the malicious code for the purposes of intercepting encrypted communications from government employees.
And even in the non-governmental sector, Juniper is a widely used brand of IT security products, so it can't be ruled out that it was a privately funded and conducted attack with motivations not tied to any government.
Thankfully, security patches have been issued that fix this issue, and there is currently no evidence that this particular exploit had ever been used. Though we might never know due to how clever individuals could hide their tracks very easily with this code installed.