Just when you thought it was safe to use the new Web development tool AJAX (Asynchronus JavaScript and XML) it seems there may be a security hole in it. The flaw could allow an attacker to execute malicious code on a server using CPAINT. So if you don't have a patched version of CPAINT, you should get one immediately.

• Techworld.com - Google, MSN, Flickr... struck by security hole