Well, some security auditing should be in order; just because someone fiddled with the UBB.threads script doesn't necessarily mean that's what was hacked/exploited, you should try and make sure all of the scripts on your site and (if you're on a VPS or Dedicated server) all of the scripts installed on the server as a whole are up to date.