On the recent WordPress attacks

I'm with John Gruber: >Is WordPress poorly-designed, security-wise? Is it just a matter of WordPress being phenomenally popular? Or is it both? I don’t know. The same argument continues to rage, 15 years after it started, regarding Microsoft Windows. WordPress has much to offer, starting with its large, generous, active developer community. But I can’t recall any widespread security attacks against Movable Type or Expression Engine, or against hosted services such as Squarespace, Posterous, Tumblr, or, yes, even WordPress.com (a hosted service, rather than software you host yourself). Unlike John, however, I do keep my CMS / blog installations up to date. You should too. Need help? Get in touch.