Oh, SSH, IT please see this: Malicious servers can fsck with your PC's files during scp slurps

Data transfer tools caught not checking what exactly they're downloading
A decades-old oversight in the design of Secure Copy Protocol (SCP) tools can be exploited by malicious servers to unexpectedly alter victims' files on their client machines, it has emerged.…