Apache's Atlassian JIRA system compromised
he Apache Software Foundation has detailed how its hosted Atlassian JIRA, Confluence and Bugzilla systems and hashed passwords were compromised in a direct targeted attack on the open source project's infrastructure. As the JIRA and Confluence systems use a SHA-512 hash without a random salt, the Infrastructure team believe that the risk to users with simple passwords is high and recommends that most users should change their password. If users logged into Apache's JIRA between April 6th and the 9th, they should also consider their passwords compromised.
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump