Just got sent this by Rick Williams…
Security researchers have found what they say is an entirely new kind of web-based attack, and it only targets the Ajax applications so beloved of the ‘Web 2.0’ movement.
Vulnerable frameworks include: Microsoft ASP.NET AJAX (aka. Atlas), XAJAX and Google Web Toolkit, Prototype, Script.aculo.us, Dojo, Moo.fx, jQuery, Yahoo! UI, Rico, and MochiKit.