Web monitory and malware clean up company Sucuri writes about (massive) Joomla Media Manager attacks in the wild. The recent discovered and patched vulnerability in Joomla’s Media Manager is actively exploited.

If you are using Joomla and didn’t update your site recently, you better stop doing whatever you are doing, and update it now. There is a very serious vulnerability in Joomla’s Media Manager component (included by default), that can allow malicious files to be uploaded to your site.

The only two safe versions of Joomla are 3.1.5 and 2.5.14. If you are not using either of them, you are at risk.

Read on at Sucuri’s blog:
http://blog.sucuri.net/2013/08/joomla-media-manager-attacks-in-the-wild.html

This may interest you:   Validate MIME types with PHP Fileinfo