WordPress.com cracked

[SilverCircle]

See here:

http://en.blog.wordpress.com/2011/04/13/security/

If I had a hosted blog there, I would now change my password. Full root access is a serious thing.

As far as I understand it, the incident only affected wordpress.com where they host their blogs. The WordPress software itself (hosted on wordpress.org) shouldn't be affected but as a precaution, you may refuse from automatically update WordPress and/or plugins until more information about the incident becomes available.

 

[AnthonyCea]

This is a spammers dream, just think of all the blogs that will have full blown Viagra links injected into their DB now.

 

[Digital Doctor]

This is a spammers dream, just think of all the blogs that will have full blown Viagra links injected into their DB now.

Yea, with some of the good botnets down.
My # of viagra emails per day is down.

 

[AnthonyCea]

I closed down this blog network to new blogs because some Russian found a hole in the script, he had injected the entire database with Viagra redirection links, so much that it would not serve blog pages any longer, the only way I could pull it back up was to replace the DB with a very old backup, then it started serving blogs again.