In the official downloads of the OpenX server, heise Security has found a backdoor that has apparently been present for almost a year and is already being actively used for attacks on ad servers. #fail
The dynalogin project was started in 2010 by Daniel Pocock. Pocock's professional experience includes engineering secure connectivity solutions for organisations like UBS in Zurich, Switzerland. The dynalogin project has been shared openly from the beginning as GPL-licensed free software in the interest of promoting a more secure Internet for everybody.
The Piwik web analytics software's server appears to have been compromised and has recently been serving a manipulated version of the software which gives attackers access to the server and surrounding system.
It was one of THOSE gigs: an internal penetration test against a client that, considering the amount of personal information they held on their customers, should have been well prepared. And yet, we went from "you-can-plug-your-laptop-in-over-there" to "Domain Admin" in... well, let's just say a "shockingly small" number of hours. And it just went downhill from there...