Over the past few days there have been reports of several high profile WordPress weblogs being attacked by hackers, including Robert Scoble’s Scobleizer and Andy Ihnatko’s Celestial Waste of Bandwidth.
The common thread with all of the attacked weblogs was that they weren’t using the most recent version of WordPress (2.8.4). If you want to keep your website safe from attack, upgrade to 2.8.4.
If you maintain your own installation of WordPress you should always quickly upgrade your install when new versions are released. WordPress is frequently updated to fix security vulnerabilities, but those releases can’t help you unless you are always up-to-date.
I’m not going to blame the victim as others have, instead I’m simply giving everyone a reminder that you must keep your WordPress installation up-to-date. The good news is that with recent versions of WordPress an upgrade is just a couple of clicks away from the Dashboard.