WordPress 2.5 has been released.

From a security perspective, the new WP 2.5 promises secure cookie management, salted passwords and prepared SQL querying functions.

I won’t be upgrading right away… I’ll let it run a while. This may be a good move forward for the WP team. Nice work guys!

Cyberinsecure recently posted details of an automated WordPress hacking tool that is doing the rounds. This malicious worm or program appears to create the directory, "wp-content/1/" as well as spam comments:

The blogs are most likely attacked by some kind of automated tool since the amounts of spam are too big to work manually on all [...]

Thanks to the effort of Samuel Aguilera we now have Spanish translations of our WP Whitepaper and the ModSecurity WhitePaper.

The translation is es_ES, but should be understandable for other derivates of Spanish.

Samuel is also known for his translations for FileZilla and XP-AntiSpy.

If you think that the Whitepaper should be as well available in your native [...]

We are pleased to announce the availability of WPIDS 0.1.2. WPIDS is a Intrusion Protection System, which is based upon the Intrusion Detection System PHPIDS.

The Plugin is able is able to detect attack strings and block them. This adds that needed layer of protection!

The latest version ships with PHPIDS version 0.4.7. The latest PHPIDS release [...]

This latest release of wp-no-version will not remove the version for authenticated users. This was done to support the new WordPress update checks which alert blog owners to new versions of WordPress.

In my opinion this is really the best of both worlds, wp-scanner will not detect the version of the blog after this has been [...]