The simplest way to start this topic is, PHPBB is hacked. You must have heard of it by now. And there is an equal chance that you haven't. A community with almost 200.000 human members and 400,000 subscribed users have lost their privacy inside that community and there was nothing PHPBB could do but to put up a foolish status message like this just below.

But the question is, how did the hacker (say script kiddie if you like, but I don't think 90% of the people naming him that can do half of what he did. No glorification though) do it? Here is a step by step description.

Full article (1002 words) »