Turns out a file has been updated on sourceforge containing a rather evil eval statement. This is the type of code injection that is typically used on exploited wordpress sites where the config file is writable. lock down your server folks. Not a big problem if you have placed your PhpMyAdmin behind a http auth.
http://arstechnica.com/security/2012/09/questions-abound-as-malicious-phpmyadmin-backdoor-found-on-sourceforge-site/
Leave a Reply