A couple articles regarding a Joomla site for Harvard's Graduate School of Arts and Science being hacked. The twist in this is that the database was made available via BitTorrent. Luckily, for Joomla! users, early reports indicate the hack was due to weak password usage and not an actual exploit in the Joomla! software.

• Harvard Site Hacked and Leaked on BitTorrent - TorrentFreak
• Harvard Web site hacked, database on file-sharing site - ComputerWorld

Long story short: If you downloaded WordPress 2.1.1 within the past 3-4 days, your files may include a security exploit that was added by a cracker, and you should upgrade all of your files to 2.1.2 immediately.

Longer explanation: This morning we received a note to our security mailing address about unusual and highly exploitable code in WordPress. The issue was investigated, and it appeared that the 2.1.1 download had been modified from its original code. We took the website down immediately to investigate what happened.

The complete post providing detailed information is available at Wordpress.org.

"The plone.org web site is currently being hit with multiple spam requests from various sources (on the level of a DDoS attack), and we're currently cleaning up the mischief. If the site is slow for you, we apologize."

Complete Story