My site has been hacked twice this month and I can't figure out how. It begins with my-hacks.php, where WP tells me that there headers were already sent. Opening my-hacks reveals that this bit of code has somehow been added to the file:
Deleting that bit of code causing all my plugin and admin.php files to stop working and stylsheet.css stops working. The last time this happened the hack got progressively worse, eventually changing all my post links to a new link that sent people to a hardcore porno video.
How is this happening? Anyone know how I can prevent it? Fix it?? HELP!!