Tim Starling just annouced a fix to a recently noticed security flaw in MediaWiki on wikitech-l. This fix involves a non-backwards-compatible change to the MediaWiki API login action.
Details here: https://bugzilla.wikimedia.org/show_bug.cgi?id=23076
While this does not _directly_ affect the toolserver, a large number of bots running here will be affected. As the fix is already live on Wikimedia sites, any bot that has not been updated will be unable to log in using the API. (Some old bots logging in via Special:Userlogin may also be affected, depending on how they construct the login request.)
The necessary fix is not particularly complex. I only had to add one extra line of Perl code to my own bot to make it work again:
http://commons.wikimedia.org/w/index.php?diff=37368315&oldid=36496675
I expect that most commonly used bot frameworks will soon be updated to be compatible with the new login syntax. In the mean time, operators of long-running bots may wish to avoid logging them out until they've been fixed so that they can log back in.