Monday, January 07, 2013 Compromised

On December 28th, an unknown attacker used a previously unknown remote code exploit on The attacker was able to get shell access as the "moin" user, but no other services were affected.

Some time later, the attacker deleted all files owned by the "moin" user, including all instance data for both the Python and Jython wikis. The attack also had full access to all MoinMoin user data on all wikis. In light of this, the Python Software Foundation encourages all wiki users to change their password on other sites if the same one is in use elsewhere. We apologize for the inconvenience and will post further news as we bring the new and improved online.

If you have any questions about this incident please contact Thank you for your patience.