If you run your own WordPress blog (as opposed to being hosted on a managed site) then you should check out this exploit. Google wordpress timthumb vulnerability I'm impressed by how much of my traffic on my few usually very low traffic sites is being caused by these probes. They're hitting so fast they're even setting off my flood detectors (too many hits in too few seconds, far too many to be caused by real human site visitors). The script kiddies are active tonight. From what I can see the probes seem to be coming from hosting sites--where you can host your own websites, perhaps shell accounts where you can run your own scripts on the hosts. This is as opposed as to scripts that are being run on accounts on normal ISPs like most of us use to access the Internet. Lending more credence to the theory that it's some kind of script, the user agent is always "Mozilla/5.0" (which is far too simplistic for most real user agent strings). I bet GA admins are seeing the Tim Thumb hits on GA too... This is silly. Subtracting the search engine indexing of my sites the Tim Thumb traffic is exceeding real human traffic.