TimThumb is included in various WordPress themes and plugins among other things. A vulnerability exists in TimThumb that allows attackers direct access to the account in question. Everyone should make sure that they have all instances of TimThumb disabled or updated in order to prevent their account from being compromised.
Some more info here
Some more info here