Several sources are reporting about web sites getting compromised on a massive scale (one site mentions 94,000 compromises, and rising). Of course, as it happens often when this kind of report hits wires, surprising little information is actually available. Michael of terminal23 blog shares this observation.

In the article on The Register, Johannes Ullrich of the Internet Storm Center is quoted saying that the compromises are the result of exploitation of unpatched SQL-injection vulnerabilities.

Normally, the ISC is a good source of information, but lately I have been disappointed. Very few noteworthy dairy reports are published, and even today, there is no mention of this event. For an incident of this scale, I had hoped to find more detailed information being publicly disclosed.