This is a quote from Phil Taylors email:

"It is not often I write a personal plea in an email, but if I could give you guys one bit of advice for today it would be this.

IF YOU ARE RUNNING ANY OF THE FOLLOWING JOOMLA COMPONENTS THEN PLEASE
CONTACT ME ASAP! (Or research using the links at the bottom of this letter)

* Simpleboard
* ExtCalendar
* Any version of Joomla less than version 1.0.10

## IF YOU ARE RUNNING THESE YOUR WHOLE SITE CAN BE HACKED! ##

(NOTE: None of these products are created by Phil Taylor, there are no known
security issues of this type in Phil Taylor components)

Today I have had the enduring task of fixing five hacked websites, all the
hacks were using well (now) know security holes (Which are just plain bad
programming on the part of the developers) in the above two Joomla
Components. Also running any version of Joomla less that the latest v1.0.10
version can also allow other attack attempts to be made.

If you need assistance in upgrading to Joomla 1.0.10 we would be happy to
help - we do loads of these a week!

Else, if you are running SimpleBoard or ExtCalendar then you should
remove/replace/fix/patch the files to stop hackers gaining access to your
server.

* Simpleboard = http://forum.joomla.org/index.php/topic,75668.0.html
* ExtCalendar = http://forum.joomla.org/index.php/topic,75390.0.html
* Joomla = http://www.joomla.org/content/view/1510/74/