New Exploit Affecting Yahoo Mail Users, Don't Click Anything Suspicious

A link exploit has been found by Yahoo Mail users that can compromise your accounts. Here's what to watch out for.

The YouTube video above was put out by hacker Shahin Ramezany who claims to have discovered the vulnerability. It's basically link spam that'll show up in your inbox from one of your contacts. As usual, you should never click on any strange or unsolicited links, but this is a pretty big example, so we thought it was worth mentioning. If you've already clicked one recently or feel that your account is vulnerable, change your password.

Yahoo has acknowledged the exploit and has confirmed that it is investigating the vulnerability. The systems deployed by Yahoo7 in Australia are often slightly different to the parent Yahoo company, but a cautious attitude is definitely wise.

Yahoo Mail users hit by widespread hacking, XSS exploit seemingly to blame (Update: Yahoo is investigating) [The Next Web


    The video does not show much (first 2 minutes is spend sending and waiting for the E-mail) - but looks like it works via the cookie that had been used when the last person logged in. I don't think this works from a different computer - just the same computer - also note that the previous user did not log out of the account in chrome leaving the cookie available for IE to use

    Last edited 08/01/13 1:51 pm

Join the discussion!

Trending Stories Right Now