Unidentified attackers were able to gain access to a server used to track bugs for the open-source Apache project. According to Philip Gollucci, vice president of Apache infrastructure, the source code repository for the web server was not compromised. Gollucci affirmed that "None of the source code was affected in any way."

The genesis of this particular attack appeared to have come from exploiting a cross-site scripting bug of the Atlassian JIRA project tracking software used by the Apache developers. Once inside, the use of a password stealing software eventually allowed attackers to seize full control of the machine. 

While it is not known whether the attack was directed specifically at Apache, this attack is a chilling reminder that hackers are continually finding new ways to gain control of machines. You can read more of my thoughts on this in today's editorial.

For more on this story:
- check out this article at Network World 

Related Articles:
CMIS Chemistry Project goes to Apache Incubator
CMS Watch says 40 percent of WCM vendors are embedding Lucene for search
Lucid Imagination launches this week