IBM's DeveloperWorks website was breached by hackers over the weekend, and several pages of the site were defaced with messages from those responsible for the hack.
IBM was quick to repair the site, but copies of the defacements were posted at other sites on the web.
The messages left by the hacker(s) read: "Defaced by Hmei7," and, "You have been Hacked !!!, not because of your stupidity That's because we love you, and we want to warn you That your web still has large of vulnerability."
IBM stated that there were no security concerns arising from the breached website, and that no accounts or user passwords were exposed.
Security firm Ariko Security claims to have warned IBM about flaws on the website months ago, including the risk of iFrame injections, cross-site scripting (XSS), and directory traversal vulnerabilities.
Ironically, IBM researchers had themselves found Document Object Model (DOM) vulnerabilities in the websites of some of the biggest corporations in the world, but apparently they may not have included the DeveloperWorks site in their survey.
In a survey of the websites belonging to all Fortune 500 listed companies and an additional selection of 175 other businesses, researchers found that nearly fifteen percent contained serious security flaws.
The vulnerabilities leave the sites open to cross-site scripting (XSS) and open redirect exploitation, both favorites of criminal hacking networks.




