For the past several hours I’ve been attacked (41,322 times and counting!) by many different IP addresses (95 at last count, including a bunch using Amazon Web Services (amazonaws)) looking for many different URLs. They are searching for the broken timthumb.php script, as well as 5a3c2f91dc7ccef6724e602c0d391659.php or 6c8fd79d31461e644cbf23026ff5d19a.php, which is apparently an app to give the world the ability to execute commands on your web server via the web. I’ll post more details if I can figure out how to present in a useful manner.