On the heels of a post by Matt Mullenweg, I thought it best to also make a post here to put any confusion that may ensue to rest:
Suspicious activity in wordpress.org plugin was noticed and a few plugins were found to be compromised. Malicious code was added to these plugins creating backdoor access to the web server. You would only be affected if you downloaded an update of the plugin today.
Once we were notified of the issue, we made sure that the current stable release (0.9.2.2) was restored to normal in addition to releasing the current development version as (0.9.2.3) allowing users to get an upgrade notification in WordPress Admin.
Needless to say, if you haven’t already upgraded, we encourage you to do so straight away via the WordPress Admin’s plugins page, it just takes a minute. If you did not upgrade today, you site should be secure, however we encourage you to update so that your site can take advantage of the additional performance optimizations included with each release.
As many of you have learned from working with us, W3TC seeks to improve the search engine ranking, conversion rates and user experience of web sites for free. We welcome you to submit a bug submission form from the support tab of the plugin to help us identify issues in new features and old features as the performance framework is used in more and more cases.
As always, thanks for your understanding and participation.