JDownloader’s official website was breached and used to distribute malware through installer downloads for over a day before the issue was confirmed. Attackers exploited an unpatched website vulnerability, gaining the ability to alter access control settings and modify download links. This allowed them to replace all alternative Windows installer links with malicious unsigned executables, marked by the unusual publisher “Zipline LLC” rather than the expected “AppWork.” On Linux, the shell installer was also swapped for a version containing malicious shell code. However, following user reports and Windows SmartScreen warnings, the team responded by taking the website offline while conducting a full investigation. The breach did not affect the main JDownloader.jar file or macOS installers. Packages released via WinGet, Flatpak, and Snap, as well as in-app updates, remained safe due to independent infrastructure and signature protections. Some users who ran the compromised installers expe...
Related
KDE Plasma 6.7 adds per-screen virtual desktops, Union theming system, and Wayland updates
KDE Plasma 6.7 introduces major enhancements for Unix-based platform users, including per-screen virtual desktops and a quick toggle for immediate switching between light and dark ...
Microsoft now lets you deeply customize Visual Studio 2026 with new options & color tokens
Visual Studio 2026 now features a built-in configuration page for theme customization, letting users adjust hex color codes for accent colors and hover states directly within the a...
FreeBSD 15.1 released with updated Wi-Fi drivers, improved C23 support, and Unicode 17.0
FreeBSD 15.1 has been released as the latest version of this free and open-source Unix-like operating system. The update includes several notable advancements aimed at developers a...