This is a WordPress plugin with which I have had amazing success. I don’t know how this works or even if it is proprietary or copyright protected. I just thought I would suggest it in case there is a chance of brainstorming or helping to make a plugin or stack for RW that might help with spam and malicious code attacks.
Tricky to determine exactly what it is or how it works. But it appears it was previously called ‘Goodbye Captcha’. From looking at the screenshots of the dashboard interface, it looks like it might use the old faithful ‘honeypot’ system (that RapidWeaver already has in its contact form). But there is some additional intelligence happening - like recording how often an IP address tries to submit the form and restricting how many times the form can be sent within a given time period.
All I know is it has eliminated spam on every WP site I have. None! Forms, comments, discussion boards, all of it. Of course I still get spam if someone personally makes a unique comment from a unique email address and website, well it wasn’t a robot then was it?