A variety of sources are reporting that blog hosting sites with WordPress-created sites and php-based management systems such as Zen Care eCommerce are being infected with malicious scripts.
Websites hosted by ISP DreamHost, GoDaddy, Bluehost and Media Temple have been found with the malcode, according to H-Online.com.
The malicious scripts download malcode and block Google’s Safe Browsing API from alerting users.
Story here: “Large-scale attack on WordPress”
The Sucuri Security blog has offered clean-up instructions for those with infected pages here.