Years ago there was a commit to the Linux kernal that strangly had no author. This got some attention of several of the developers.
Looking into the code that had to deal with network transmission. there was a section that if you tried to get network access in a unusual way had a check that was written something like this.
If (usr_permission = ROOT) ...
Instead of
If (usr_permission == ROOT) ...
The first giving the user root if invoked and the second checking to see if the user was root.
It's widely thought this was the NSA or some other intelligence agency trying to backdoor lin Linux.
This is because NSA has two roles: eavesdropping on foreign adversaries, and protecting our internal systems from adversaries. Under the first role, they might introduce an exploit known only to themselves. Under the second, they help protect US systems from exploits known to others.
Notably this was in 2003 before git (2005) so linux source was in a central bitkeeper repo. So a commit with no associated data about who did it should not have been possible.