This is just a quick service announcement: Twitter is investigating an issue with users becoming locked out of the service after changing their email address or username, or resetting their passwords.

In the meantime: do not change your password, email address or Twitter () handle. Until Twitter corrects the issue, it’s best not to attempt any of these changes at this time.

Thats not surprising... since there are so many twitter apps using the twitter login for authentication. How do you check if you can trust some twitter related site before you submit your twitter login?

It has now been confirmed that the usernames and passwords of more than 10,000 Hotmail users were posted online last week to a website for sharing code snippets.

According to Neowin, who first reported the breach, “the list details over 10,000 accounts starting from A through to B, suggesting there could be additional lists.”

The list has since been removed, and Microsoft is now investigating the situation, which impacts users with @hotmail.com, @live.com, and @msn.com email addresses.

Beware of phishing!

While reading this, I'm wondering how long does it take until the first list of twitter logins is available on the Internet :(

There are so much external Twitter apps on the net, where people post their twitter login details.

If you take a little time and effort securing your WordPress blog now, you could save yourself a hell of a lot of time, money and worry later. Securing your blog takes minutes, but fixing a hacked WordPress blog will take you ages. Simply follow the 5 quick steps below, and you could have a hack-proof secure WordPress blog, in no time at all.

1. Use the latest WordPress version

Make sure your WordPress blog is updated to the latest version – WordPress 2.8.4.

The last weeks people posted articles about the recent wordpress worm. This article is a great guide to keep you wordpress blog secure. Most of the tips are very common, but mostly ignored. For example do you remove all unused plugins and themes? Just imagine what "unsafe" code could be used inside some themes functions.php file...

You may have already heard that sites running out-of-date versions of WordPress have been under attack (Lorelle, Weblog Tools Collection, WordPress Dev Blog). Of course, sites running the latest version of the software seem to be safe, which once again takes us back to what I said over a year ago: Upgrade or else! I haven’t seen complete details yet about how this new worm works, but reports say that part of the hack is to create a new Administrator level account, and then try to hide the existence of that account (via javascript) when you view your list of users.

I would be thankful if Wordpress would tell which versions are exactly not secure. I'm sure there are so much older installs (maybe 2.3?) from people without enough knowledge to update their blog site. So maybe there is no need to update some older branch. Not everyone is a geek like us :)

(I'm so happy about the automatic upgrade function otherwise upgrading multiple wordpress sites would take days every year)