WMF-exploit available since 1st of December

Eweek has posted a story that (if it is true) confirms my thoughts and opionions on the WMF-matter. According to the article, evidence say that the exploit targeted at the WMF-vulnerability was first seen in 1st of December, roughly one month before the whole issue became public. This is what i've expected. Exploits, including zero day, gets disclosed to the public when the attackers gets sloppy. In this particular case, the exploit was made public when an attacker bought the exploit, and made an automated attack of it.

Last week, I also saw reports on the British parlament being (successfully?) hacked by the exploit. I expect to see more incidents related to this matter in the future.