A note for all users running WordPress 2.1.1 who have upgraded or installed it in the last week – you need to upgrade to 2.1.2 NOW. A cracker managed to gain access to the WordPress file repositories and swap out some of the files in the release package with some that contained malicious code which could be used to take over the site and the server on which the site was sitting. This is of course very serious and the WordPress team are looking into exactly how this could have happened. In the meantime they have assured users that the new release, the 2.0 branch and the SVN versions of the software are perfectly safe. If you’re a WordPress user, update your blog and spread the word.