A heads up if you run blogs - last night I was doing some programming and found that all my websites under one hosting account were quietly hacked.
Websites were functioning normally, but most PHP scripts had injected worm on first line. When doing some research, I found this has spread from WordPress vulnerability. If you have WordPress, check the first line of your index.php for something like eval(gzinflate(base64_decode( and then long line of characters.
I have removed WordPress for now and wrote a program to search and disinfect the worm. It was spread in around 250 files across 3 sites. It was originally spread across 5 sites, but I completely removed 2 of the non-essential sites and for now WordPress from all sites until I secure it ... so the infection may have been much larger.
