Well it was bound to happen. Actually I am rather surprised it hasn’t happened sooner, but hey, they finally caught up with Wordpress.

It seems there is a FAKE wordpress site out there, that is releasing the wordpress core, but with a nasty little addition, a Trojan, that opens up your back end to attack.

While it seems simple, to check that you are actually at Wordpress.org it seems some aren’t. So when you go to download the core, make sure it is wordpress.org and not wordpresz.org Nasty buggers.

Read More Here.

Just in case anyone here got nailed. The latest release of Wordpress is 2.6.3

There IS NO 2.6.4

Re: Warning Fake WP Download Site

oh lovely, its not as if WP has enough holes as it is, but now fake upgrades. Thanks for the heads up Ian!