Drupal Exploited like Crazy
It looks like https://github.com/nixawk/labs/issues/19 is being exploited like crazy right now. I was getting hits trying to exploit it every 4 hours or so, then the rate sped up for a time. Each hit was trying to download drupal.php from http://220.127.116.11.
Somebody has nulled out that file now, so infection rate will probably drop.