Earlier today it was discovered that the entry page on the Yii website had been defaced. The website was restored in less than an hour from discovery of this event, and we are currently investigating the cause of it.
At this point we do not expect any of the Yii framework source code to have been affected, as the source code for the framework is hosted on external systems (GitHub and Google Code) which to our knowledge has not been affected.
As an extra precaution we do however recommend that if you downloaded a copy of the framework via the main website (www.yiiframework.com) earlier today, you delete that copy and download it again. The purpose of this is to be certain that the copy is really downloaded from Google Code and/or GitHub, even though there are no signs of downloads or source code having been affected by the defacement.
We will continue our investigation and take appropriate action once we have more information.