“Weaponized” exploit can steal sensitive user data on eBay, Tumblr, et al. - Dan Goodin - ars technica

Update Adobe Flash. A new technique has been discovered that would allow an attacker access to a user’s credentials for certain sites. The vulnerability seems to revolve around JSONP. Which if you work at an organization that utilizes this type of coding in your websites you might want to have your website developers take a look at this blog post, explaining the technique.

This post first appeared on Exploring Information Security.