By default, the latest version of WordPress is pretty secure. The development team of WordPress has considered anything which may have been added to some fix malware problem plugins. Before, WordPress did have holes but now most of them are stuffed up.
It will all start with the fundamentals. Try using complex passwords. Use special characters, numbers, letters, and spaces and combine them to make a password that is special. You could also use usernames that aren't obvious.
Recently, the site published a news article and browse around this site of Reuters was hacked by an unknown hacker. Their reputation is already ruined because of what the hacker did since Reuters is a popular news site. The same thing may happen to you in the event you do not pay attention on the security of your WordPress blog.
WordPress is one of the most popular platforms for self-hosted blogs and websites. While WordPress is pretty secure out of the box, there are always going to be people who want to create trouble by finding a way to crack into accounts or sites to cause damage or inject hidden spammy links. That is why it's important to be certain that your WordPress installation is as safe as possible.
Implementing all of the above will probably take less than an hour to complete, while making your WordPress site more immune to intrusions. Over 1 million WordPress websites were this past year, mainly due to easily preventable security gaps. Have yourself prepared and you are likely to be on the safe side.