jQuery Forum

I forgot to add a word after the link.... another bug in the forum.

However, there is one disturbing element that was revealed in that exchange, and that's the anonymous registration on 9/18 of jquery-cdn.com I've suggested that jQuery Foundation needs to take the necessary steps to make that domain disappear - and they are within their rights to do so, given that they hold trademark on the term "jQuery".

Beware of the fact that jquery-cdn.com does not belong to jQuery and so be alert to any third-party documentation suggesting that you load code from that domain.

That's a bit more scary if that domain is serving compromised jQuery code (or might be used to do so in the future, which would make more sense for a hacker - get people using good code first, then switch it).

https://twitter.com/jquery/status/514811609752289281

We have detected a new compromise of http:// jquery.com   and are taking action to mitigate the attack. Updates to follow.

Edit: from the tweets, it appears that api.jquery.com (documentation site) was compromised. I'd guess the intent was to at some point change documentation to tell people to load jQuery from the bogus jquery-cdn.com domain. 

(Though it looks like this is less sophisticated than that. Apparently, they try to load some code in an iFrame from that site in a documentation page or pages. I guess the idea is that the domain name would not look suspicious.)

Detailed riskIQ analysis here. It looks like RiskIQ are not the alarmist cowboys they were initially painted as, and seems jQuery Foundation now takes this seriously.

http://www.riskiq.com/sites/default/files/jQuery Incident Report 9.18.14.pdf

Developers who visited the api.jquery.com site on Windows computers from the 18'th should be concerned.