i woke today to a huge nightmare of hundreds of injected wordpress blogs, many of them genesis installs.. Home/front pages were displaying an error and antivirus programs were going crazy. I'm still cleaning blogs now after midnite.. but here's the thing..
this is cross host, cross framework and its pretty simple. apparently its coming through the thumnail regeneration plugin but dropping code into wordpress indexes (all of em) as well as the genesis framework index.php and widgeted footer.php in the child theme. Also if there's a home.php it drops in there.. I'll be glad to provide you with the dropped in code (its crude at best.. not well thought through as there are multiple misspellings etc) and mostly a huge pain in the backside to clean up.. If some code genius has any ideas on how to patch Genesis on this would be great.. however the code gets dropped into every stinkin theme in the blog if they have more than one... I've bellyached to support at dreamhost, bluehost, eleven2, media temple and more and they all swear its not their fault.. so I'm guessin its just a zero day exploit..but sheesh.. consider this my rant.. and warning... If someone needs some help getting this mess out .. holla.