A pleasant Saturday early morning ruined by:
http://www.securityfocus.com/brief/508

Just a short exerpt:
> The survey, published by security analyst David Kierznowski on Wednesday, found that only one of the 50 surveyed WordPress sites had upgraded to the latest supported versions -- 2.2 and 2.0.10 -- of the open-source package. Nearly half of the sites had not even been upgraded from the unsupported 1.5 branch of the WordPress software.
>

If you operate a blog (who dosn't?) with WordPress, check your version and
contact your sysadmin at once if you are on an old version. That's because
the bad guys read SF along with the security people. If you are an admin
with remote access, it should take you all of 15 minutes to update.