In a follow up to the PHP Injection Script Exploit (http://www.techjaws.com/php-script-injection-exploit-in-wordpress-271/) Gumblar.cn, there is a new version on the loose: Martuz.cn. It is the evolution of the Gumblar.cn script - much nastier than the first. Instead of just injecting code onto PHP and JavaScript files, it goes further by adding new PHP files to your images directories and adding the script to HTML files as well.

Read more...
http://www.techjaws.com/new-php-exploit-on-the-loose/

Thanks.