Members of WordPress.com are on that mailing list as well.
http://en.support.wordpress.com/contact/ if anything is definitely WordPress.com specific, but I suggest always including security at wordpress org, because there may be another permutation to the attack.
security at wordpress.org Listed at http://core.trac.wordpress.org/
Members of WordPress.com are on that mailing list as well.
http://en.support.wordpress.com/contact/ if anything is definitely WordPress.com specific, but I suggest always including security at wordpress org, because there may be another permutation to the attack.