http://www.riskiq.com/resources/blog...-accounts-risk
Quote:
|
On September 18, 2014, RiskIQ detected credential-stealing malware being loaded onto users’ computers through a drive-by download at jQuery.com. The attack was carried out using RIG exploit kit to target visitors. RiskIQ was able to confirm with sources at several large organizations that users of jQuery.com were indeed redirected to this exploit kit.
|
Nasty.. Just imagine if the hacker had compromised the actual jquery libraries themselves, how many sites link to the jquery libraries directly??