Egyptian hacker “TheHell” is selling an exploit in $700 that allows individuals to hijack a Yahoo! email account. A cross-site scripting (XSS) flaw on Yahoo! Mail creates a means to steal cookies and hijack accounts. In order to work, the victim must click on a malcious link. Upon doing so, the user’s cookies will be stolen and he or she will be redirected back to the Yahoo! home page. Yahoo! has been notified and is looking for the security hole, which it says can be fixed in a few hours.