Just when I updated to the latest version, it took 2 days for my blog to be hacked.
Great isn't it?
The file was a template one, single.php, and the hacker totally took over and replaced the code in it with some ads. The file had chmod 644.
Moreover, my wp-config was hacked, with chmod 640, where the little bastard changed the host of my DB.
I fixed it now, but this exploit was used in the past already (vers 2.0.1 or something)... how is it possible that it hasn't been fixed yet?