krou writes "The New York Times reports on newly released court documents that show how pharmaceutical company Wyeth paid a medical communications firm to use ghost writers in drafting and publishing 26 papers between 1998 and 2005 backing the usage of hormone replacement therapy in women. The articles appeared in 18 journals, such as The American Journal of Obstetrics and Gynecology and The International Journal of Cardiology. The papers 'emphasized the benefits and de-emphasized the risks of taking hormones to protect against maladies like aging skin, heart disease and dementia,' and the apparent 'medical consensus benefited Wyeth ... as sales of its hormone drugs, called Premarin and Prempro, soared to nearly $2 billion in 2001.' The apparent consensus crumbled after a federal study in 2002 'found that menopausal women who took certain hormones had an increased risk of invasive breast cancer, heart disease and stroke.'"

ozmanjusri writes "While Microsoft presented its recent embrace of the GPL as 'a break from the ordinary,' and the press spoke of them as going to great lengths to engage the open source community,' as is often the case with Microsoft, it turns out they had an ulterior motive. According to Stephen Hemminger, an engineer with Vyatta, Microsoft's Hyper-V used open-source components in a network driver and the company released the code to avoid legal action over a GPL violation. Microsoft's decision to embrace the GPL was welcomed by many in the open source community, but their failure to honestly explain the reason behind the release will have squandered this opportunity to build trust, something which is sadly lacking in most people's dealings with Microsoft."

An anonymous reader writes "Highly sensitive financial information, including credit card details, bank account numbers, telephone numbers, and even PINs are available to the highest bidder. The information being traded on the Web has been intercepted by a British company and collated into a single database for the first time. The Lucid Intelligence database contains the records of 40 million people worldwide, mostly Americans; four million are Britons. Security experts described the database as the largest of its kind in the world. The database is in the hands of Colin Holder, a retired senior Metropolitan police officer who served on the fraud squad. He has collected the information over the past four years. His sources include law enforcement from around the world, such as British police and the FBI, anti-phishing and hacking campaigners, and members of the public. Mr. Holder said he has invested £160,000 in the venture so far. He plans to offset the cost by charging members of the public for access to his database to check whether their data security has been breached."

Not long after Firefox 3.5.1 was released to address a security issue, a new exploit has been found and a proof of concept has been posted. "The vulnerability is a remote stack-based buffer-overflow, triggered by sending an overly long string of Unicode data to the document.write method. If exploited, the resulting overflow could lead to code execution, or if the exploit attempts fail, a denial-of-service scenario." It's recommended that Firefox users disable Javascript until the issue is patched, though add-ons like NoScript should do the trick as well (unless a site on your whitelist becomes compromised).

Update: 07/20 00:09 GMT by KD : An anonymous reader informs us that the Mozilla security blog is indicating that this vulnerability is not exploitable; denial of service is as bad as it gets.