Recently, an issue arose with a remote injection attack vulnerability within one of another blog app's import scripts. This is NOT a wordpress specific issue, but it's worth mentioning here, because sites that are not running that blog app are seeing hits from attackers, all the same.
Folks, probing for exploits, or potential exploits, is as
illegal as successfully completing an exploit.
Atleast in the country, I happen to live in.
Ive provided information out of my own Apache logs for November, as well as provided ways to prevent sketchy user-agents from accessing your site within a post dated today.
Follow my the link behind my name on the forums if you are interested,
Please, I cannot say this enough, read your logs, educate yourself, stay informed.