Full article here: Sophos
Apparently the korean mirror cdnetworks-kr-1 was serving an infected version of phpMyAdmin 126.96.36.199 over the last week-end which was downloaded about 400 times.
Identifying whether you've been affected or not is quite easy:
If you're a pgpMyAdmin user, it's well worth checking your install for the rogue file server_sync.php. (There shouldn't a file of that name, though there is an official server_synchronize.php component in 188.8.131.52.)
Also, re-download the distribution file and verify that your copy of js/cross_framing_protection.js is correct.T