Netcraft's Rich Miller is reporting on VML related exploitation, details at "HostGator: cPanel Security Hole Exploited in Mass Hack.". The article also contains links to their earlier coverage.

"By early Saturday morning, HostGator managers were assuring users that the cause of the redirections had been isolated, and was due to a new exploit targeting cPanel.".

The article details and references a fix that is at the cPanel site.