Please create an account to participate in the Slashdot moderation system

 


Forgot your password?
Close
typodupeerror
×
Security IT

WordPress.org Hacked, Plugin Repository Compromised 110

Posted by CmdrTaco from the ok-that's-kinda-scary dept.
An anonymous reader writes "Back in April hackers gained access to the WordPress.com servers and exposed passwords/API keys for Twitter and Facebook accounts. Now, hackers gained access to Wordpress.org and the plugin repository. Malicious code was found in several commits including popular plugins such as AddThis, WPtouch, or W3 Total Cache. Matt Mullenweg decided to force-reset all passwords on WordPress.org. This is a great reminder for all users not use the same password for two different services."
This discussion has been archived. No new comments can be posted.

WordPress.org Hacked, Plugin Repository Compromised More

WordPress.org Hacked, Plugin Repository Compromised

Comments Filter:

  • Re:Year of the Hacker (Score:5, Insightful)

    by SatanClauz ( 741416 ) on Wednesday June 22, 2011 @09:32AM (#36527348)
    Tough year? How about the year people finally realize security "professionals" are actually NEEDED!

  • A great reminder? (Score:5, Insightful)

    by iateyourcookies ( 1522473 ) on Wednesday June 22, 2011 @09:32AM (#36527356)
    "This is a great remainder [sic] for all users not use the same password for two different services."

    Not it's not. Not even slightly.

    The amount of mental effort required by users to memorise a different password for every internet site is at best unreasonable, if not a completely insane idea. While using the same password for Hotmail and internet banking is really not a good idea, using the same password for wordpress.com and wordpress.org is just common sense for people who don't have a photographic memory.

    Blaming the user here is unreasonable.

Slashdot Top Deals

The one day you'd sell your soul for something, souls are a glut.

Close