incrediBILL - 1:50 pm on May 18, 2010 (gmt 0)

No scripts or databases used; updates are made straight through sftp. Sure you might lose some functionality/flexibility, but depending on your needs this could be the most secure solution possible since your blog will ONLY consist of pure html files.

They have had this for years, it's called BLOGGER.

It will post directly to an FTP site.

But I haven't gotten any alerts from AVG, or FF.

You might not because this is so new AVG won't know anything about it and FF won't alert you because as the report says, the safe surf API is being defeated with cloaking.

The real irony here is that the malware appears to have gotten smarter than WordPress.