This just out, latest nasty attack aimed at self hosted WordPress:
How to know if you've been affected:
- In your permalinks, look for additions that looks like:
...eval(base64_decode... - Also check your users, you may have an additional admin user – look for one you don't recognize.
Read more details at Lorelle's blog: Old Versions of WordPress Under Attack. There's also detailed instructions on how to recover if you've been attacked and hacked.
If you haven't, check your site and upgrade now!
The Best way to stay Safe is to Stay Update and Ugrade your WordPress with latest version.
Thanks for your Tips.