WordPress is the current king of Content Management Systems, but there are others, including Joomla. Web sites built on popular CMS software are enticing targets for malicious hackers, because the people who manage such sites often lack the skills to keep them secure. Keeping a CMS-based site secure mainly involves keeping the CMS software up to date.
Joomla 3.7 — released yesterday — includes over 700 improvements, eight of which are related to security. Several of the security vulnerabilities addressed affect versions of Joomla going back to 1.5 and 2.5.
Joomla 1.0 through 2.5 are no longer supported. If you’re running a site that uses those older versions of Joomla, you should upgrade to 3.7 as soon as possible, as the site is otherwise likely to be hacked.
If you run a Joomla 3.x site, you should update it to 3.7 as soon as possible. If your site currently runs Joomla 3.6.x, it’s a single click update, so there’s no excuse not to do it.