Shellshock

[The Big Train]

Similar to Heartbleed but potentially more dangerous, for a variety of reasons.  Just imagine if you found this out years ago, you would have had a run of the internet.  Pretty crazy that holes this big could take 25 years after the initial releases to finally be noticed 

I was browsing the internet from Romania a few days ago 

Future South's Jonathan Hall found that the Romania-based intruders were using Shellshock to slowly hijack servers

http://www.engadget.com/2014/10/06/attackers-hit-yahoo-using-shellshock/

 

Rather amusingly, this is one of the few cases where Windows isn’t vulnerable (unless you have Bash installed via Cygwin, but very few people do).

http://www.extremetech.com/computing/190959-shellshock-a-deadly-new-vulnerability-that-could-lay-waste-to-the-internet