March 20, 2018 Force-resets All Passwords has come under an unusual attack where hackers have attempted to upload new version of popular WordPress plugins with cleverly disguised backdoors. Once the WordPress team noticed these suspicious commits they rolled back the affected plugins, told the authors and shut down access to the plugin repository to check for anything else unsavory.

As a preventive measure the WordPress team have decided to force-reset all passwords on To use the forums, trac, or commit to a plugin or theme, you’ll need to reset your password to a new one. (This also applies to and

Any users of AddThisWPtouch, or W3 Total Cache should upgrade each to the latest version to ensure you are not running a hacked version.