edit again: Last edit I hope. Apparently the problem was with an account that had access to the email templates. I'm guessing a weak password that was brute forced or something of that nature. Anyway, the problem is cleared up. Please return to the flames and festivities... *** I'm getting code injected into the subjects of emails I'm receiving from Stratics again. I don't know who to send this to, or I would use a pm to say this, but you need to shut the boards down, clean up the mess, and for the gods' sake, find a patch for the vulnerability that's allowing this to happen, or code a fix for it yourself. I don't know what webserver software your host is using, but if Apache is being used, ModSecurity with the GotRoot rules set from Atomicorp is something you might want to look into. *** edit: I'm not receiving the corrupted emails anymore, and I have found no trace of the url in question or the iframes in the forums, so it's safe to say that this time it wasn't anywhere near as serious as it was the last time.