Attention Holiday shoppers!

The long uncorrected xss flaws are still alive and well on ebaY. That means safety issues, ID theft etc. Just a brief explanation: If hackers can cause that pop-up to appear, they can pretty much do whatever they want. Just by you landing on one wrong page.

You’ll never see any indication until your bank account is drained or you receive a bill for a bazillion fake items listed on your ebaY account, etc.

Avoid ebaY like the plague!

Read all about it here. Catch the mirror proof of concept page here.

Click the image to enlarge, opens in a new tab or window.

I’ll spare too many words here, except to say that those following along know it’s not the first time, or the last. Far from it. This has been somewhat of a slow speed chase. Here are the bloody gloves.

If they get you, you’ll fall victim to the hackers, and ebaY’s atrocious, lackluster customer service and policies.