Brian Krebs posted up a good analysis of the current crop of hacks into vbulletin.com and macrumors.com:
http://krebsonsecurity.com/2013/11/vbul ... ord-reset/
Oh, did I mention that I came across a site the other day that my browser tools flagged for having an XSS exploit active? I let the site owners know, but haven't heard back. Might be a good time to check the good security plug-ins and add-ons for your browsers just to keep you from getting caught in some of these things.