frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Open in hackernews

Hackers breach JDownloader website to serve malware-laced downloads

https://www.neowin.net/news/if-you-downloaded-this-popular-software-recently-you-might-have-installed-malware/
33•bundie•1h ago

Comments

bundie•1h ago
u/rubi2333 uploaded the malicious files to virustotal.com

JDownloader2Setup_windows-amd64_v1_8_0_482.exe: https://www.virustotal.com/gui/file/5a6636ce490789d7f26aaa86...

JDownloader2Setup_windows-amd64_v11_0_30.exe: https://www.virustotal.com/gui/file/fb1e3fe4d18927ff82cffb3f...

JDownloader2Setup_windows-amd64_v17_0_18.exe: https://www.virustotal.com/gui/file/04cb9f0bca6e0e4ed30bc927...

JDownloader2Setup_windows-amd64_v21_0_10.exe: https://www.virustotal.com/gui/file/32891c0080442bf0a0c5658a...

JDownloader2Setup_windows-x86_v1_8_0_472.exe: https://www.virustotal.com/gui/file/4ff7eec9e69b6008b77de1b6...

JDownloader2Setup_windows-x86_v11_0_29.exe: https://www.virustotal.com/gui/file/de8b2bdfc61d63585329b8cf...

JDownloader2Setup_windows-x86_v17_0_17.exe: https://www.virustotal.com/gui/file/e4a20f746b7dd19b8d9601b8...

JDownloader2Setup_unix_nojre.sh: https://www.virustotal.com/gui/file/6d975c05ef7a164707fa3592...

salomonk_mur•46m ago
What? How would you know it was them?
Retr0id•41m ago
Comparing the hashes would be one way
Our_Benefactors•1h ago
I’ve never run into a program that manages to disregard as many UX best practices as Jdownloader. It has more maddening features than I can count. Even stuff like sorting a column by date doesn’t work how you would want it to, because it applies some “package grouping”. It’s the epitome of nonsensical defaults, features that maybe 1% of the user base would want and care about but toggled on by default.
Existing4190•42m ago
> As there has been a question about updates. Those are not compromised, different infra, protected by end-2-end digital signature.

Phew!

From: https://old.reddit.com/r/jdownloader/comments/1t6goqe/is_the...

kristofferR•31m ago
What's new? Hasn't JDownloader already served malware with the default installer for years, you had to use specific adware-free installers to avoid it?

https://board.jdownloader.org/showthread.php?t=54725

Cider9986•10m ago
Here is a guide to debloat JDownloader

(https://claraiscute.neocities.org/Guides/jdownloader2/)

dark theme (https://github.com/moktavizen/material-darker-jdownloader)

RandomGerm4n•9m ago
I wish there was finally a decent alternative to this junk. JDownloader pretends to be GPL, but parts of it are closed source. Plus, the Windows installer on the official site is a gamble, and you can only find a clean installer in the forum. The developers claim it’s "just adware", but since it’s a web-based installer, different things are offered depending on your IP address. Some of these install themselves even if you decline them, and some also contain real malware. It was actually to be expected that they wouldn't secure their website properly and that someone else would end up spreading malware as a result. The only reason to still use this software is that it works with every obscure filehoster out there. Alternatives like pyload are much less effective at bypassing all the security measures these sites put in place to block download managers. It also lets you download videos from streaming sites that other tools like yt-dlp refuse to support.

Poland is now among the 20 largest economies. How it happened

https://apnews.com/article/poland-economy-growth-g20-gdp-26fe06e120398410f8d773ba5661e7aa
210•surprisetalk•1h ago•205 comments

An Introduction to Meshtastic

https://meshtastic.org/docs/introduction/
73•ColinWright•2h ago•30 comments

Just Fucking Use Go

https://blainsmith.com/articles/just-fucking-use-go/
16•xngbuilds•12m ago•0 comments

Canvas is down as ShinyHunters threatens to leak schools’ data

https://www.theverge.com/tech/926458/canvas-shinyhunters-breach
790•stefanpie•15h ago•504 comments

US Government releases first batch of UAP documents and videos

https://www.war.gov/UFO/
27•david-gpu•1h ago•9 comments

Cloudflare to cut about 20% workforce

https://www.reuters.com/business/world-at-work/cloudflare-cut-over-1100-jobs-2026-05-07/
965•PriorityLeft•17h ago•669 comments

Maybe you shouldn't install new software for a bit

https://xeiaso.net/blog/2026/abstain-from-install/
651•psxuaw•14h ago•360 comments

ClojureScript Gets Async/Await

https://clojurescript.org/news/2026-05-07-release
147•Borkdude•6h ago•40 comments

GeoJSON

https://geojson.org/
46•tosh•3h ago•25 comments

Dirtyfrag: Universal Linux LPE

https://www.openwall.com/lists/oss-security/2026/05/07/8
700•flipped•18h ago•295 comments

Rumors of my death are slightly exaggerated

511•CliffStoll•1d ago•70 comments

Dithering with CSS

https://ikesau.co/blog/dithering-with-css/
64•speckx•3d ago•18 comments

The map that keeps Burning Man honest

https://www.not-ship.com/burning-man-moop/
689•speckx•23h ago•326 comments

Nintendo announces price increases for Nintendo Switch 2

https://www.nintendo.co.jp/corporate/release/en/2026/260508.html
145•razorbeamz•6h ago•120 comments

Pinocchio is weirder than you remembered

https://storica.club/blog/pinocchio-in-italian/
218•cemsakarya•2d ago•93 comments

Hackers breach JDownloader website to serve malware-laced downloads

https://www.neowin.net/news/if-you-downloaded-this-popular-software-recently-you-might-have-insta...
34•bundie•1h ago•8 comments

Agents need control flow, not more prompts

https://bsuh.bearblog.dev/agents-need-control-flow/
517•bsuh•21h ago•253 comments

A polynomial autoencoder beats PCA on transformer embeddings

https://ivanpleshkov.dev/blog/polynomial-autoencoder/
63•timvisee•3d ago•17 comments

Brazil's Pix payment system faces pressure from Visa and Mastercard

https://www.elciudadano.com/en/brazils-pix-payment-system-faces-pressure-from-visa-and-mastercard...
278•wslh•20h ago•240 comments

DeepSeek 4 Flash local inference engine for Metal

https://github.com/antirez/ds4
434•tamnd•22h ago•124 comments

Natural Language Autoencoders: Turning Claude's Thoughts into Text

https://www.anthropic.com/research/natural-language-autoencoders
323•instagraham•19h ago•100 comments

Singapore introduces caning for boys who bully others at school

https://www.theguardian.com/world/2026/may/06/singapore-caning-school-bullies
248•rustoo•2d ago•361 comments

Blaise – A modern self-hosting zero-legacy Object Pascal compiler targeting QBE

https://github.com/graemeg/blaise
72•peter_d_sherman•9h ago•30 comments

QBE – Compiler Back End

https://c9x.me/compile/
21•smartmic•6h ago•0 comments

Hardening Firefox with Claude Mythos Preview

https://hacks.mozilla.org/2026/05/behind-the-scenes-hardening-firefox/
253•HieronymusBosch•21h ago•116 comments

AlphaEvolve: Gemini-powered coding agent scaling impact across fields

https://deepmind.google/blog/alphaevolve-impact/
308•berlianta•22h ago•132 comments

GNU IFUNC is the real culprit behind CVE-2024-3094

https://github.com/robertdfrench/ifuncd-up
107•foltik•13h ago•47 comments

GPT-5.5 Price Increase: What It Costs

https://openrouter.ai/announcements/gpt55-cost-analysis
105•gmays•12h ago•24 comments

Plasticity and language in the anaesthetized human hippocampus

https://www.bcm.edu/news/researchers-discover-advanced-language-processing-in-the-unconscious-hum...
125•hhs•14h ago•48 comments

AI slop is killing online communities

https://rmoff.net/2026/05/06/ai-slop-is-killing-online-communities/
740•thm•19h ago•631 comments