Last night my WP.com blog (herbsutter.com) had its RSS feed hacked by “sfprn.com” (also a WP.com blog, which I’ve reported as spam).
Note that they hacked the main RSS feed for posts — they did not create real posts or comments, they hacked the actual feed to insert spam entries that my subscribers received in their RSS readers. It’s easy to see: Go to herbsutter.com/feed, and search for prn — all 15 hits are the entries they inserted last night to spam my readers.
Q1: How do I fix the problem to get rid of these spam entries from the feed?
Q2: How do I (or WP) prevent this from happening again (for any RSS feed, not just the main one — I want to protect the comments RSS feed too of course)?