Check your WP installation or theme if you're running timthumb. That's one of the biggest vulnerabilty I've heard of recently. A lot of hackers are scanning for that script.