They are really going after the TimThumb vulnerability. There were over 80 attempts to hack one site using the vulnerability this month! I wrote my own version last year, and this year I discovered that TimThumb was still installed so I deleted it as we are not using it.
Here is another strange "insert strange data" attack going on. It looks like a long string of garbage but I am sure it means something to someone?
Now I am thinking of not using WordPress or using a "static" version of WordPress to avoid all vulnerabilities. The biggest problem with totally static web pages is that the search function would not work, it has to have a dynamic response. You can use Google site search to get about the same results.