Sucuri Security reports they are tracking a series of attacks affecting many web sites, they say WordPress seems to be the target application so far, the attack adds javascript to the web sites. The code injection attacks target outdated WordPress sites. The script serves as a redirector to malicious domains.
Sucuri has developed an automated script that people can use to clean up their compromised websites. The script can be downloaded from http://sucuri.net/malware/helpers/wordpress-fix_php.txt, needs to be renamed to .php, uploaded to the server and executed by accessing it in a browser.
