Submission + - OpenX Vulnerability leaves sites open to attack (techeye.net)
Tucows, the popular download site, confirmed that it's part of an OpenX server vulnerability. "We detected the intrusion, patched the vulnerability in OpenX and resolved the issue quickly," said general manager Andy Walker.
The code is being loaded in from external domains. When planted on a website it hosts a downloadable exploit from advertising servers which will put the Bredolab trojan onto a computer.