Plz look at this:
http://pastebin.com/zAJmsRLg
in the last days many forums have this "virus". (also on 3.8.7PL4)
An exististing "announcement" titel was changed in end with <script>....</script>
vbulletin parse this script and run the javascript-file and steal passwords, pm, htaccess...
check source
http://pastebin.com/zAJmsRLg
there is an problems with announcements in vbulletin.. any ideas?