The Security Forums
and several Sticky Posts cover a huge amount of information regarding Security Issues and Potential Resolutions, please refer; Security Announcements Security Forum Joomla! Admin's Security Guide Security FAQ's Index 3rd Party Security Forum
Security concerns or bugs may also be reported within the Quality and Testing Work Group
Forum, in the event that a major or serious security issue is found by developers or end-users, they may also reach the "Security Response Team" via the Developer Site
, Reporting Security Issues
In addition to the above information, you may also find the following tools of interest;
As you are already aware; Joomla! Diagnostics
This tool will compare your existing installation against a known good file list of Joomla! and highlight any missing, potentially corrupt or modified files, as well as providing some security related tests. Joomla! Diagnostics Home Joomla! Diagnostic discussion
Maybe a new tool you are not aware of;Joomla! Tools Suite
by the JTS Team
JTS provides a host of Joomla! site and server security configuration advice (based on HISA), embedded version of Joomla! Diagnostics, including several maintenance tools such as Permissions, installed Extensions and DB optimisation.Joomla! HISA
HISA is a single script, StandAlone Joomla! Pre- and Post- Installation Health, Installation and Security Audit tool. Joomla! Tools Suite Home Joomla! HISA Home JTS and HISA Discussion
Several other tools may also be found on the Joomla! Extensions
site in the "Tools" section.
As far as I am aware, at this current time, there are no known Security flaws within the Joomla! v1.0.12 release. I hope the above information will ease any Security concerns that you may have and provides you with access to relevant and useful information and tools.
As for conrinuing to be exploited, potentially this is "from inside" maybe on a previous exploit something has been left on the server, which is normal cracking practice, which has not been cleaned, thus they are actually never completely irradicated from you server in the first place.