Large browser-attacking defacements found

There is an interesting story over at ISC right now about the widespread injection of iframes pointing back to browser exploits hosted on yl18 .net. One very interesting thing is that the modus operandi for this mass injection is very similar to the attacks which hit the Super Bowl stadium website back in February, right down to the fact that they were inserted via SQL injection. Interestingly enough, we had found these exploits and been using them for testing when the ISC article was posted.