A big SQL injection attack against hundreds of thousands of web sites. Many government and commercial sites have been infected with code that will try to install a password stealing program just by visiting a web page.
It’s not clear if anti-virus programs will catch this one yet.
This one is widespread. Internet Storm Center has info here: http://isc.sans.org/diary.html?storyid=4331 . “They have hit city websites, commercial sites and even government websites. This type of injection pretty much null and voids the concept of “trusted website”. or “safe sites”‘
Corporate types should be watching for traffic to that site. I found a few users at the office that may have been affected (and possibly infected).
Be careful out there!