It would still be pretty useful to know exactly what is going on, and what type of problem this is. I am not clear whether it is a hacker – person, a script running on the server, or something else.
I also wonder whether the script can act and exploit one installation and then affect the others.
I just saw that this script was inserted in the footer on one of my WordPress sites: http://adahb.org/pollen/lib/files/utils/notify.js
Still looking for more information, if anyone has something useful – thanks in advance.
Josip