Hi guys. Firstly, I'm sorry if this isn't an XF specific issue but it's certainly affected the forum on our site - the site we run (diabetes.co.uk) was recently infected by what I believe was an exploit kit for WordPress. We noticed it on the blog first, where users were being redirected to ClickBank links leading to a landing page for a product named Diabetes Destroyer. It's obviously a scam, but my concern lies with our users, who may have been conned as a result of malware on our site. It's proving troublesome to remove and has now infected various areas of our forum. Initially, we discovered that it was redirecting people by infecting our local jQuery - this was resolved by changing the jQuery source to Google Ajax in the ACP. We figured the problem would be solved after that, but our users continued getting redirected when they clicked links in the discussion list. That was resolved by clearing the discussion list cache. Now we're really struggling and believe the intruders are using SQL injections to add strings of text & HTML into the notices at the top of the forum. The last time I was redirected personally was when I was trying to log into the ACP. We're looking for a solution to what now seems to be a constant infiltration of our server. Any tips?