WordPress is a common vector of attack because many fail to install the blogging platform's latest patches.
Researchers have discovered a correlation between infected WordPress sites and the propagation of the prolific Mac Flashback trojan.
Automated attackers are trawling the web for vulnerable WordPress blogs so they can silently redirect users to dangerous exploits. So far, however, the number of victims is in the hundreds.
WordPress has made available version 3.3.1 of its popular blogging software, which closes 15 vulnerabilities, including a cross-site scripting hole that was revealed Monday by two Indian security researchers.
Hackers have compromised a huge number of sites hosting WordPress blogs because of a vulnerable image script.
Hackers are exploiting a zero-day vulnerability affecting an image resizing utility, possibly impacting a large number of WordPress sites.
