I got an email from Google on Thursday indicating that my site (a WordPress blog) contained hidden offending terms (about buying drugs) and that I would be removed from Google's listings.
Some evildoer injected this code, and similar code into the Start Title Head Bar section of each post, just before the legitimate mouseprint.org code:
[click VIEW SOURCE in IE if you don't see the code]
Looking at my site the day after Google and Yahoo spidered and cached it with the bad code, NONE of the offending code was there.
I call this a drive-by hack job. A quick injection then they removed it, but again it was long enough to get into the search engines.
I just upgraded to 2.3.1. I do NOT believe my password was compromised, but rather some security flaw was taken advantage of. Any ideas? Any sense this cannot happen in 2.3.1?