The Joomla! Forum™

this incident is not confined to joomla.org and needs further attention/investigation. Yes. By the site owners. Who are probably (just like every doofus who comes to these forums bleating about a hack/crack) running any number of insecure components, incorrect chmod, globals on ( ), Joomla 1.0.4 (u...

In trying to find a common exploit, I'm trying to help to prevent this person (or copy-cats) from affecting other Joomla-based sites. the answer: I think we are lucky that the particular component that was exploited is only used on the Joomla shop site and not by the community at large or this coul...

I am sorry but I have no way of knowing what exploits may have been used to attack other sites.  There is just no way for me to know.  It does seem, however that the recent wave of vain and childish defacing is much bigger than just the Joomla! world.  I am guessing that this is a co...

Thank you Louis for your open and frank announcement. It does however still concern me that various other Joomla sites (mostly foreign language) were also defaced yesterday and today by the same person/group. Since you state that the suspected component was (to your knowledge) never publicly release...

Thanks for the update Rob! The cracker seems to have continued with defacing more sites (mainly .it sites), and he? still seems to have a preference for Joomla! sites. (it might be purely because he? is familiar with this cms, and not related to a joomla core or extension vulnerability) Or as someon...

In both your posts you have used that persons ID. Please edit your posts to delete any reference to that person. We must not give any sort of credit to somebody who does things like that. No Screenshots, No names, no links, nothing that might be identifying the ID. Thank you for your cooperation. I...

I want to agree with most of what Chris Hutcheson posted regarding security notification. I've read in the Security section that one can subscribe to that part of the forum, and thereby receive notifications, but when all posts are moved to the lesser-know/used Sites & Infrastructure section as happ...