[jonas-w]

from TFA: > Until further notice, do not use the official CurseForge launcher, or download anything from CurseForge or the Bukkit plugin repository. While the control server for this malware is currently offline, any download from CurseForge or the Bukkit plugin repository in in the last 2-3 weeks should be treated as potentially malicious. This malware is unlikely to be detected by Windows Defender or similar antimalware products.

[emmelaich]

Why do they say it's unlikely? Surely defender/av products will soon be able to detect it? Or do they mean right now? Frustrating.

[Eiim]

They've said that virus scanners have started to add the malware signatures now, but I think the point was to say that "you're not fine just because you have an antivirus that would have caught it".