New in-session phishing attack could fool experienced users
Javascript can be exploited to access a user’s trusted website accounts (such as banks or email etc). The quick fix: stay logged-out of any sensitive accounts while browsing other sites; because they may have malicious code hidden in them. This effects most browsers on all platforms. Read the article for the details. [via arstechnica.com]
