Forgot your password?

Comment: Re:Related to huge spike of spam? (Score 1) 47

by daver!west!fmc (#42864305) Attached to: Widespread Compromise Of Yahoo-Backed Email In New Zealand
Yeah, something like that. This was going on months ago with addresses, a little before that with addresses and has been recurring as the spammers discover another XSS exploit in Yahoo's amazing web pile. "The Yahoo XSS exploit" really understates the case. I think Yahoo fixes them, but they've got a lot of code to churn through and I doubt anyone really knows what all is in there.

The one I looked at was an e-mail with one-line body urging me to check out a link that appeared to be a news page about some work-at-home thing. What wasn't obvious was the little iframe sourced from something in; that got some JavaScript injected into it to capture cookies and send 'em to some other server, which I presume captured the Yahoo Mail session cookie and permitted the spammers to use it to trawl another lucky winner's contacts and/or inbox and send folks more of the same.

Comment: Re:hacked? (Score 2) 54

by daver!west!fmc (#42400639) Attached to: Popular Wordpress Plugin Leaves Sensitive Data In the Open
Thanks, saw that, guess I'm used to having to click a couple times to get to actual info from a /. article. Turns out the big blob of text about payday loans only shows up for those of us who are picky about what sites we let run JavaScript code in our browsers. I guess it's just there for SEO link juice and is not intended to be seen by humans. But, security site using WordPress, pointing out WordPress plugin vulnerability, and is hacked, oh the hugh manatee!

No amount of genius can overcome a preoccupation with detail.