vBulletin Breach Prompts Password Reset

Brian Krebs:

Forum software maker vBulletin is urging users to change their passwords following a recent breach of its networks. The attackers who claimed responsibility for the intrusion say they broke in using a zero-day flaw that is now being sold in several places online, but vBulletin maintains it is not aware of any zero-day attacks against current versions of its product.

vBulletin is broken – the goddamn vendor couldn’t even secure their own forum properly. If you’ve signed up for any forums with the same email address & password you use for Gmail – time to change your password. But you use a new password on every site you register on, right?