Did you download PostNuke in last 3 days?
"Everyone who downloaded the .ZIP archive of the PostNuke .750 software from downloads.postnuke.com between Sunday and Tuesday should re-download the software and check it against off-site MD5s, according to PostNuke's security officer..."
This is the warning posted this morning by the PostNuke development team after a ZIP archive was trojaned over the weekend.
PostNuke has posted a full explanation of the situation on their website, basically explaining that a exploit in the download management module "pafiledb" allowed someone to redirect the downloads for this zip archive to a compromised version.
You can also find this article at LinuxToday
