Researchers at Australia-based BitDefender say they ve found how some Yahoo Mail accounts are being hijacked. A page on the bogus site includes a piece of malicious Javascript masquerading as a Lightbox library. The code connects with the user s contacts and sends spam under his or her name. The attack also relies on retrieving session cookies via a subdomain, which attackers were able to access by exploiting a 9-month-old Cross-Site Scripting flaw in the WordPress blog software.
Source: https://threatpost.com/yahoo-mail-breach-linked-old-wordpress-vulnerability-013113/77478/