tangor - 2:32 am on Jun 23, 2011 (gmt 0)
The plugins affected include AddThis, WPtouch, and W3 Total Cache. Users who have updated any of those titles in the past 48 hours should uninstall them and update to a version currently hosted on the WordPress.org website. Indepented WordPress developer Adam Harley has technical details of the three maliciously modified plugins here.
The "here" above leads to Adam Hartley: [adamharley.co.uk...]