Crypto writes:  

There have been several reports of sites being injected with a php-string. Typically code is inserted into several tables. From the information gathered so far it looks targeted at ASP, IIS and MSSQL backends, but that is just speculation at this time.

When discovered yesterday about 80 sites showed in Google, this morning about 200, by lunch 1000 and a few minutes ago 4000+.You can find out more information at Sans webpage at:
http://isc.sans.edu/diary/SQL+Injection+Attack+happening+ATM/12127