There's a large-scale attack underway that is targeting Web servers running Microsoft's IIS software, injecting the sites with a specific malicious script. The attack has compromised tens of thousands of sites already, experts say, and there's no clear indication of who's behind the campaign right now.
Some analyses of the IIS attack suggest that it is directed at a third-party ad management script found on these sites.
Some high profile sites hit, The Wall Street Journal among them.
Anyone running IIS should make sure they are safe.