This is one of those announcements that no one likes to write and absolutely no one likes to read.
Recently one of our site administrator's accounts was compromised. Malicious third parties proceeded to use this access to inject a piece of malicious javascript on the forum templates allowing them to capture the login and plain text passwords of anyone that logged in to the forums while it was present. This attack was limited only to Bukkit's forums and did not affect other sites in the network.
We were notified of this issue by a member of the community: Max Korlaar. We greatly appreciate them and their report, and will be offering them a bounty commiserate with their contribution. Additionally we'll be formalizing a full bug bounty program in the near future, as well as publishing reporting channels and standards for responsible disclosure.
Upon receipt we immediately began investigating the report. This effort revealed several areas for us to address. Many of these...
Most of the staff will be at Minecon this weekend so a couple things can happen:
1. Forum approval times will be longer.
2. Reports won't be handled as fast as usual.
3. New http://dev.bukkit.org projects or files will be on hold till after Minecon.
We will do our best to do as much as possible!
Absolute Emergency (dragons burnt the town, villagers are rioting) private message either: CFEmergency Admin or Bukkit Emergency Admin Normal Emergency (gremlins, imps and evil pixies) contact: Support Desk We will still be watching, but response time will be delayed. Happy Holidays to everyone.
Effective today official Bukkit IRC channels will be managed by our moderation team as extensions of the site communities.
The rules for the IRC channels will soon be unified with the forum rules. Any IRC specific things will be worked into the forum rules page. This is being done to further simplify the rules and prevent unneeded duplication.
I know we've previously announced that we were not moderating the IRC channels. That was due to lack of permissions to do so. That situation has changed.
Edit: The maintenance is over. Please report any bugs here.
Tomorrow on 12/9/2014 at 10:30 A.M. CST (4:30 P.M. GMT) the Bukkit forums will enter a maintenance period. This period is expected to last about one hour while we update the forums software to its latest version. CurseForge/BukkitDev will stay online during this maintenance period. Once the forums come back the BukkitDev linker will be partially missing, this will be fixed as soon as possible after the forum update goes live and we are able to find any issues that may arise from the update. After the forums update is finished we will create a thread to allow users to report any issues they may find with the update so that we can correct them.