One of the strengths of Joomla is it's template system but this is also one of it's weaknesess. More and more the tendency for designers is to showcase as many different cool things as possible that they can achieve in a Joomla template rather than concentrate on presenting the site owner's content.
Read more: Can you trust your joomla extensions?
Sadly in the last 6 months there have been two published circumstances where an extension provider has been hacked and malicious code inserted into the extensions that they offer.
This meant that as soon as you installed the extension your site was vulnerable to defacement etc.
If there have been two published cases perhaps there have been more that we don't know about.
So is there anything we can do to prevent this?
Read more: Help my Wordpress site has been hacked!
On Wednesday I explained how your Joomla site might be exploited
"Just because you keep your server secure and your software up to date you may have been exploited yesterday, ready to be hacked tomorrow."
Today I read an article explaining the exact same thing happening on a Wordpress site. I had tried to explain this to the site owner 6 weeks earlier but...
Help my Joomla web site has been hacked!!
Joomla Hidden Secrets - the movie
Is it time for an International Joomla Event?
Why integrate Joomla and Wordpress?
