No. This is serious business. I am not kidding. I was hacked!
Okay, the better term is defaced. Not hacked. Alright, not even defaced too much anyway. What he did (assuming that Rapcik0 is a man; not sure if this Turkish guy is a woman – I doubt that but hey, Trinity was thought to be a man. Okay stop thinking!) was change my post title to HTML code that redirects to his site.
And the way he got to edit my post title was through the reset password vulnerability. Looks like he injected some SQL into the password reset function, and it gave him access. Then he changed the password of my WordPress account.
Damn.
I thought this hole was fixed prior to WordPress 2.8.6!
Okay fine. I went to cPanel, checked if he got that access, and apparently not. Reset all my passwords, and then changed the database. Got my access back, so I upgraded again to the latest WordPress. Then I undid his change. At first I thought he put the redirection on the index.php, but apparently not. That’s when I realized it was at the post title.
Done!
P/S: Lesson learned – a good precaution is to always use a strong password, upgrade the security and apply the fixes, yada yada yada. Thank you for this reminder, Rapcik0.




whoa~! (mouth wide open coz i don’t understand a single thing except ‘hacked’
huhu..
(why did a wink suddenly appear there?)
do u think u are secured? if not, just contact me
price is negotiable… LOL
nia: haha. try asking jo, who probably understands. basically the effect is, when you open this page of mine, his page comes up instead. That's the redirect.
the wink showed up because you typed ; with ) hahaha
yondie: hahahaha LOL. i dont make money on this blog, and it is not that mission critical. so i know its not secured but dont want to spend money on this. got free consultation or not?
wow! he's so amazinggggg. hihi
wu wi.
so scary. brrr. brrr. *shivering effect. huhuhu…
seriously, he's really amazing. *repeating syuhada's words.
and I don't understand anything either, like nia.
syud & eme: relax.. don't be scared. these guys are already afraid of women (mostly), and if you get scared of them too, the gay population will grow even more. HAHAHAHA.
OH PLIS! LIKE I CARE.
)
oops.. caps lock was on. (actually it was on purpose.
as long as they don't take my bf, that's fine. thehehe..
errrr…. same here, don't understand.
this must be because you're linked with munir. now he's trying to hack your blog too. hehehhee. he may be doing it just for the LULZ.
eme: hahaha. what if they go gay with your bf? heeeee heeeee heeee~~
syg: it's okay, no need to understand
dueng: munir and I are indeed under the same hosting company. I think he's targeting that hosting company. maybe. oh btw these are different hackers. But he made his page look pretty nice HAHAHAHAHA.
It is a lul. I don’t mind getting it once a while.. ehe
wordpress is no good
come on, let's use blogger
/burn
haha. can't be bothered to mess with that xml.
haha i can understand the first line only loerrrrrrr
*reopening textbooks from 1st year days or whatever haha*