On Friday, WordPress reported that a server intrusion occurred on WordPress.org. The result is that version 2.1.1 of their blogging software is compromised by a backdoor. The intruders modified two files to include code that would allow for remote PHP execution.
WordPress has corrected the issue and has released version 2.1.2. You can read more details here.