Submission + - Linux distributor security list compromised (zdnet.com)
Immediately after Meissner's warning e-mail, the attacker re-entered the compromised machine and destroyed the installation."
Meissner has since killed the list: So everyone please consider vendor-sec@....de is dead and gone at this point, successors (or not) will hopefully result out of this discussion.
The H Security notes (link to the H's article) that this isn't the first compromise of the Vendor-Sec list. In 2005, black hat hackers reportedly hijacked a kernel exploit for root access from the list.