WordPress build has backdoors built in

WordPress Blog » WordPress 2.1.1 dangerous, Upgrade to 2.1.2 [via MetaFilter]

Apparently, crackers managed to break into a WordPress server and add malicious code to the 2.1.1 build of WordPress that allows for remote PHP execution.

This is probably one of the most sophisticated types of security attacks – embedding trap doors in trusted builds. And extremely worrying for the open source movement if it takes off.