So, I get notified that a client's site has been 'hacked'. Great way to start the night.
Looking into a fix, I stumble upon this blog post which was created yesterday ('today' if you haven't slept yet...): http://blog.unmaskparasites.com/2011...-wooframework/
Looks like it isn't just an isolated incident with just this one blog on one of our servers, it's targeting users of the framework wherever they may be.
Oh, and yeah. The site that we were notified about was in fact a WordPress site with a WooTheme / WooFramework installed.
Just a heads up