The FreeBSD team has announced over the weekend that two machines within the FreeBSD.org cluster have been compromised and have been consequently pulled offline for analysis.

Audits have been performed to verify the infrastructure and source trees are clean and the suspect machines "are either being re installed retired, or thoroughly audited before being brought back online," the cluster administration team said.
The FreeBSD Project was gearing up for the FreeBSD 9.1 release, however as it is unable to verify the integrity of the package set, that has been removed and will be rebuilt prior to the release.
The advisory includes several recommendations about the tools users and developers should use for updates, source code copying and signed binary distribution.