In Pictures: 20 infamous hacker security vendor br...
In 2012, Yahoo accidentally leaked the private key that was used to digitally sign its new Axis extension for search and browsing for Google Chrome. Security blogger Nik Cubrilovic discovered the package included the private crypto key used by Yahoo to sign the extension, noting it offered a malicious attacker the ability "to create a forged extension that Chrome will authenticate as being from Yahoo." Yahoo was forced to release a new version of its Axis extension for Google Chrome after that. In another unrelated incident for Yahoo, the company acknowledged that about 450,000 unencrypted passwords and user names were stolen from its Contributor Network, taken by a group calling itself D33Ds Company.
In Pictures: 20 infamous hacker security vendor break-ins