All my index.php files were modified by some script kiddy this morning. Interesting, none of my files are writable yet they still managed to create a mess on sites. Here is the code that was injected after the last php tag; REMOVED: Affecting other users' computers. - Beary According to news sources more than 80,000 websites were hit last night. And there is little you can do to prevent it. So if you have a WP blog up and running you better check it! The damage is not as widespread on my sites as most because i can see they are using the REPLACE command and my boxes are Freebsd which does not support the replace command. I have lost 100's of dollars in sales today because of this.