A programming bug in Microsoft’s website gave hackers a way to read and steal e-mail messages from Hotmail users. Trend Micro found a message sent to a victim in Taiwan that looked like a Facebook notification alert. The attack worked because Microsoft had a common Web programming error, called a cross-site scripting flaw, on its website. Microsoft says the bug was fixed on Friday, but it’s not clear how many Hotmail victims were hit by the attack. The company was able to count between 1,000 and 2,000 victims after discovering the issue.”]
Source: https://www.csoonline.com/article/2128545/hackers-steal-hotmail-messages-thanks-to-web-flaw.html