JonLumb wrote:
W3bbo wrote:
I concurr, I've been getting a bunch of spams from YAF's email address by some group involving NetDevilz.org (some script-kiddie website).
It looks like they just found a vulnerabiltiy in YAF.com's installation (which might be on other people's too) and started hijacking sessions. So to be safe, don't login to YAF's website until Jaben gives it the all clear.
Just went on there and everything seemed fine to me, although I didn't login, so that may be a factor
It was fine for a while, its been done again though. One comment in forum reckons that the main admin password may heve gone.
You dont need to login, just visit the tope level of the forum and a redirect puts you to the NetDevilz.org site.
