Google Webmaster tools alerted me to a recent infection of one of my sites with malware.
The infected area turned out to be a simple directory of alumni from my former school, written in ColdFusion. I thought I had been clever by having a two steps confirmation process before updating entries in the database but that was written long ago and obviously not sufficient for crafty spammers.
I had to clean up infected entries in the database, turn off access to the edit forms and start migrating the whole directory to a more secure framework (in a wordpress instance… something I had been planning to do a long time ago).
I guess I should thank spammers for forcing me to work on my sites again.
Speaking of spammers…. looking at the Akismet logs for one of my blogs show a tenfold increase in spam attacked for August alone! what is going on there?!