whooami, you can keep the personal stuff for fighting with your friends and family. It is clear here that I am not alone, and maybe I am just a little in the front of something, rather than on the butt end. In each case that I have reported an issue, the issue has turned out to be confirmed. You may not like me (or the type of blogs I run) but you can keep the dramas for you llama, okay? (and when you total blog posts on file exceed 50k, let me know). As for any claim of "never been hacked", I wonder how long you have run a standard unmodified wordpress install for, without additional plugins?
whooami: Adding ANOTHER plugin shouldn't be the answer. Removing significant functionality (which I use) in order to create security defeats the purpose. I could close all my blogs, that would be really secure. That XMLRPC has been hacked over and over and over again, and once again, I am seeing a hole. I reported it, and guess what? Other people are having the same issue.
jonimueller: That list shows an incredible number of indexed pages, and when you look at the main site itself, it has tens of thousands of inlinks, many of them from blog style sites.
lluad: You are correct, this is the same basic source I am seeing, and it occurs on posts post 2.5.1 install. Most importantly for me, outside of a couple of very standard plugins, I don't tend to put a ton of extra plusings and stuff on my blogs. Some people may suggest that plugins are the answer, but to me they are bandaids over a gaping wound.
Anyone else have any ideas?