I noticed some rather, er, strange behavior when I had comments e-mailed to me this morning, specifically that some odd code was being appended to the end of permalinks in WordPress. It took all of about 5 seconds to realize that my install of WordPress had been compromised. I’ve since updated to the latest version of WordPress and removed the offending code snippets, so things should be back to normal. Thankfully, they didn’t gain access to the admin panel or appear to have modified any posts or comments. Apparently Apache and PHP are configured properly so that these injection attacks result in a big bucket of fail for the attackers.
Moral of the story? Keep WordPress up to date.
