I got this from my host provider this morning:
Security warning for websites using WordPress
We’ve been made aware of a security issue facing websites using WordPress. We take security very seriously at xxxxxxx, so we want to check if this matter has affected your site.
If you use the blogging platform WordPress on your web hosting, you may have been the victim of a security hack (please ignore this email if you haven't installed WordPress on your hosting).
The problem is due to a security breach caused by hackers, who have targeted sites that use WordPress. WordPress is an open source application, making it vulnerable to such attacks.
As your hosting provider, we want to help you counter this WordPress hack as quickly and as effectively as possible. To do so, please follow these simple steps as soon as you can...
WordPress is an open source application, making it vulnerable to such attacksthat worries me. They don't give any explanation but seems to blame WordPress.
The email continues to give instructions about how to eliminate the problem and offers a script to run and some securtity measures to restore WordPress instalations.
Finally it concludes with:
We'd like to stress that this WordPress hack bears no relation to the security of your Webfusion web hosting itself. This remains robust and very well protected from any attacks by hackers.
If its true then there is a vulnertability in WordPress and my hostprovider is actually doing something about it; if not...