Rumour has it that exploit attempts of the web portal / content management system "Mambo" through the vulnerability first reported in http://seclists.org/lists/fulldisclosure/2005/Nov/0528.html have started in earnest. SecurityFocus http://www.securityfocus.com/archive/1/417215/30/0/threaded reports defacements. (thanks to Juha-Matti for the heads-up)