Only lazy hackers don't use the timthumb vulnerability. This time the victims are blogs that use popular premium Woo themes.
http://blog.unmaskparasites.com/2011/08/24/hackers-target-unpatched-wooframework/
Note: WooFramework has patched the timthumb.php earlier this month:
http://www.woothemes.com/2011/08/timthumb-security-flaw-patch/
but some webmasters seem to ignore prominent warnings in their WordPress dashboards.