WordPress.org has come under an unusual attack where hackers have attempted to upload new version of popular WordPress plugins with cleverly disguised backdoors. Once the WordPress team noticed these suspicious commits they rolled back the affected plugins, told the authors and shut down access to the plugin repository to check for anything else unsavory.
As a preventive measure the WordPress team have decided to force-reset all passwords on WordPress.org. To use the forums, trac, or commit to a plugin or theme, you’ll need to reset your password to a new one. (This also applies to bbPress.org and BuddyPress.org.)