Hi, There is currently a "worm" propagating through Facebook. The initial Javascript script which is executed comes from a Google Code hosted project - http://code.google.com/p/profilescanner/. The SVN trunk only has 1 file, which is the malicious Javascript. This is inserted into the Facebook DOM through XSS, though requires a user click through to initiate the script execution.
Disabling this Google Code project is going to stop the spreading of the code. Regards, Casey -- You received this message because you are subscribed to the Google Groups "Project Hosting on Google Code" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-code-hosting?hl=en.
