All canned apps have a security problem and they're easy targets for script kiddies. Visit Joomla's website regularly for patches and patch immediately upon release (because the releases are to patch known/advertised vulnerabilities).
WORRY! I may be paranoid but that serves well to detect any hacking attempt early and get things patched immediately. Just because I'm paranoid does not mean that there's not a script kiddie out there looking for a cheap thrill at someone's website. The trick is to be so difficult to hack that they move along to an easier target.