on monday september 26 2011, mysql.com was issuing malicious javascript code that resulted in malware being installed on users’ windows systems without their knowledge or approval
the security hole was fixed the same day
see http://blog.armorize.com/2011/09/mysqlcom-hacked-infecting-visitors-with.html for a detailed analysis of the exploit
more news on this incident can be found by searching for mysql.com malware
the exposure lasted only a matter of hours on monday september 26th, and then was fixed
the sad news is, only about half of the many popular virus detection products, so far, are able to detect it
see this report on virustotal.com