I received a email from my hosting company saying they found and corrected exploitable timthumb.php file(s) on my account. The file was located in .../themes/Basic/timthumb.php Its great they found this and fixed it but I was curious. Are there any other things like this that I should look out for? I had just updated my WordPress and it didn't include an update to the basic theme. I don't even use it. I also keep my plugins up to date. So how can I prevent something like this?