As reported on Slashdot and on the WordPress.org blog, the 2.1.1 release of the WordPress blogging system was hacked sometime towards the end of February/beginning of March.
The hacker gained user-level access to one of the servers that powers wordpress.org, and modified two files to include code that would allow for remote PHP execution. Although details […]