Stolen FTP credentials are suspected as the root cause of a massive attack compromising over 40,000 web sites. Researchers at security vendor Websense Inc. say it isn t likely that SQL injection, cross-site scripting or other website vulnerabilities are to blame. Instead, the attackers are easily injecting malicious JavaScript code into sites by logging in with stolen usernames and passwords. Read the full story [techtarget.com] for more details about the latest wave of attacks on websites.
Source: https://threatpost.com/stolen-ftp-credentials-likely-massive-web-attacks-060409/72736/