My WordPress 1.2-alpha-6 install was defaced. I quickly locked down the login page and thought everything was fine. I am on W2k, IIS, MySql.
I made a new post tonight, and actually clicked into the post. Because of the structure of my site, I didn't use my regular index.php to do that and instead hit the /wordpress/index.php.
/wordpress/ is my wordpress install directory.
The index.php file there had been replaced. Because of a minor error, the file does not appear to work.
I know what I need to do is upgrade my install. I'll be doing that ASAP. I am, however, wanting to report this in case someone at WP wants to examine the script they replaced index.php with. Email me at mark [at] marklyon [dot] org, and I'll send you a link. I'd prefer not to post the script here, for obvious reasons.