Recent, spate of hacks and exploits on Wordpress version 2.3.2 and even Wordpress version 2.3.3 is very alarming. One might need to think twice on whether really Wordpress is the platform to blog. Frantic friends immediately sought back ups of entire database and do some file back ups just to prepare for the worst to come. Security exploits are present in every version of Wordpress, though it’s being addressed in the succeeding minor release.

WordPress 2.5, the culmination of six months of work by the WordPress community, people just like you. The improvements in 2.5 are numerous, and almost entirely a result of your feedback: multi-file uploading, one-click plugin upgrades, built-in galleries, customizable dashboard, salted passwords and cookie encryption, media library, a WYSIWYG that doesn’t mess with your code, concurrent post editing protection, full-screen writing, and search that covers posts and pages. - Wordpress.org

Whatever release of Wordpress you install better not shout about it as particular hacks are version specific. Keep quiet about the release installed. One security measure would be to have a login URL protection, making it difficult for people to know the location of the login. Though Wordpress 2.5 have a cookie encryption and salted password it’s better to have caution still about it. Test it and test it, before using it.