Ars Technica has a story on a recent hacking episode here.
Developer Site behind Apple and Facebook hacks didn’t know it was booby-trapped
The security breaches at both companies were due to an undocumented vulnerability in the browser plugin for Oracle’s Java — an increasingly common problem for those running Java on their machines. This is part of why Apple removed the Java plugin from all Mac-compatible Web browsers in late 2012, then blacklisted Java browser plugins on OS X twice already this year in order to prevent critical exploits. But many users — particularly developers — still have uses for the Java plugin, potentially putting them at increased risk for attack.
A reader comments:
1. Please delete Java from your machine (if you have a Mac, read this piece: “How to disable Java on your Mac”).