Tell us about spam sites you see and we’ll check it out. I have not seen a lot of niches, but we fight pretty hard in a weight loss niche full of single page affiliate sites.We have been working really hard over the last year to do things right.We have a legitimate site with PR5, quality content, and an active social media presence.
Long story short: If you downloaded Word Press 2.1.1 within the past 3-4 days, your files may include a security exploit that was added by a cracker, and you should upgrade all of your files to 2.1.2 immediately.
Longer explanation: This morning we received a note to our security mailing address about unusual and highly exploitable code in Word Press.
The issue was investigated, and it appeared that the 2.1.1 download had been modified from its original code.
We took the website down immediately to investigate what happened.
It was determined that a cracker had gained user-level access to one of the servers that powers wordpress.org, and had used that access to modify the download file.
We have locked down that server for further forensics, but at this time it appears that the 2.1.1 download was the only thing touched by the attack.
They modified two files in WP to include code that would allow for remote PHP execution.
We started rolling out the next generation of the Penguin webspam algorithm this afternoon (May 22, 2013), and the rollout is now complete.
About 2.3% of English-US queries are affected to the degree that a regular user might notice. This is the fourth Penguin-related launch Google has done, but because this is an updated algorithm (not just a data refresh), we’ve been referring to this change as Penguin 2.0 internally.