Today I released a short tutorial that explains how hackers use Javascript Injection to exploit simple coding oversights to steal a 3rd party site's cookie data. I have included some simple code examples that should help you understand the process step-by-step. This is a two part tutorial, so make sure you understand what's going on in the first section quite well before moving on to part two.
Javascript Injection: How hackers steal a 3rd party site's cookie data
Javascript Injection: How hackers steal a 3rd party site's cookie data