Exploit was active on LA Times site for 6 weeks

"The Los Angeles Times has scrubbed its Web site of malicious code that served browser exploits and malware to potentially hundreds of thousands of readers over the past six weeks," reports Brian Krebs. The paper's statement on the matter is a model of how not to handle security clusterfucks.


  1. Glad I read Boing Boing instead of the LA Times. :P

    My friend is a VP in Corporate IT and about 2 weeks ago when they posted about the Flash exploit he said to uninstall all Flash until it’s sorted or I might be sorry.

    Back online and reinstalled with the fixes but he thought it was a huge security exploit at the time..

    1. You Won’t Believe The Five Inexplicably Ironic Articles That We’ve Lifted From The LA Times! (slideshow)

  2. Times is “between owners” expected to be sold any day. Tribune came out of bankruptcy, what, a month ago? Can I say this without irony? A lot of people had ‘issues’ at many levels. I look forward to the new ownership whomever it turns out to be, but don’t hold out much hope for any real change.

  3. We take your safety and stuff like all real serious like, and even thou a whole slew of people have shown that we were serving malware we are still going to say that we still only MIGHT have been serving it up.

Comments are closed.