The WordPress development team has a notification up on their blog that version 2.1.1 of WordPress has been compromised, and code was added which allows remote code execution. This happened during a user-level compromise of one of their servers. Upgrading to 2.1.2 is highly recommended.

read more | digg story