The news lines are all abuzz today that sites based on the popular WordPress blogging platform are being hit by a massive SQL injection attack.

Link

And what could be worse than waking up to find your site's been hacked? Learning that nobody (except the culprits) knows exactly how they're doing it.

I suspect we'll find out soon enough that someone left a back door open. There's always a way in. This one sounds a lot like a system or server problem and not a problem with the content framework software itself. We'll see.