WordPress 4.1.2 has been released, to fix critical security vulnerabilities. This comes shortly after a security issue was announced in a common WordPress function (add/remove_query_arg), which affected many plugins.
All major plugins have already been patched, and no major attacks have been reported at this time. Don’t panic, just update your sites and plugins!
More information on WordPress 4.1.2: https://wordpress.org/news/2015/04/wordpress-4-1-2/
More information on add/remove_query_arg vulnerability: https://poststatus.com/coordinated-plugin-updates-to-address-security-vulnerability-in-many-popular-wordpress-plugins/