GhostNet, a "cyber espioniage network," has broken into 1,295 computers in 103 countries. Canadian researchers have traced the operation to China. The Dalai Lama and NATO were among its targets.

Hoan Ton-That, the parodically Left Coast-y San Francisco coder linked to an earlier virus, appears to have resurfaced with a new website, Fastforwarded.com, which aims to coax passwords from users.

That poor dumb kid who "hacked" Sarah Palin's email by guessing her "security question" answers? Yes, well, he has three new federal charges:

Jason Calacanis, the CEO of Mahalo, the world's largest compendium of rewritten Google search results, claims he hired a computer hacker because he never bothered to Google him. Now his employee is headed to jail.

Yesterday's ViddyHo worm, which spread over Google Talk and Gmail, has been linked by some to Hoan Ton-That, a San Francisco software developer. A very San Francisco software developer.

Were you looking for a job, maybe with President Obama? Hah, you just got identity thefted! USAJOBS, the government's online job database, has been hacked.

Today on Twitter: Media people being pretentious, from Bonnie Fuller to Wired's Chris Anderson and beyond!

That's hot. Paris Hilton's official website is unsafe for browsing, computer-security researchers have declared, playing host to software which tries to hijack her fans' bank accounts. Doesn't the heiress have enough money?

Freedom of the press belongs to those who own one. After hackers took down SoapBlox, a one-man blog-hosting company which runs local political websites, a silenced liberal commentariat found out how true that was.

MacRumors, one of the many sites which cover Apple's annual Macworld product launches, has had its live coverage infiltrated, with someone adding the false news of Steve Jobs's death to the blow-by-blow reports.

Whats going on with Twitter? First Fox News gets hacked, then Britney Spears. Is no one safe from this epidemic?

This is currently the lead post on the official Fox News Twitter page. Hackers are cool again.

A long-dormant virus aimed directly at Facebook struck Thursday, spreading quickly via the social network. What's surprising isn't that Koobface hit Facebook so hard. It's that it took so long to do it.

Hasn't YouTube always seemed too good to be true — all those video clips, for free? We must be getting away with something. That's why rumors about a new YouTube virus have spread so far, so fast.

Bankrupt electronics retailer Tweeter closed all its stores yesterday and fired its employees without warning. But it appears some naughty ex-employees have had their revenge on Tweeter's executives—by hacking the company's web page and placing a humorously profane photo and message upon it for all the public to see! Oh ho! It seems the tables have turned, eh? Click through for a screengrab of the shocking political metaphor that has prompted Tweeter to pay all its employees what they're owed a few people to chuckle, then hit the bong again:

It's the last thing cash-strapped banks need right now: Holders of credit and debit cards are reporting an epidemic of unauthorized charges on their bills. It could be the sign of a massive card-fraud operation in the making. A company called Adele Services, based in Melville, N.Y., has been charging cards small amounts — 21 to 29 cents. Such charges are usually attempts by card fraudsters to test whether a particular card number is valid.

Who pays attention to unions anymore? A bunch of carpenters picket your office because of a grievance with a contractor who works for the facilities department of the company on the floor below you. They might as well stencil WE ARE POWERLESS on their placards. But a couple of Los Angeles traffic engineers who work for that city's Automated Traffic Surveillance Center found a way to make "strike" an active verb again: They disabled four traffic lights at major intersections a couple of hours before a job action. The red-light gridlock lasted four days until the PHBs figured out how to reprogram things. Gabriel Murillo, 39, and Kartik Patel, 36 admitted to felony hacking as part of a plea bargain. I'm sure it sucked for commuters, but at least they didn't turn all the lights green. (Photo by AP/Nam Y. Huh)

It's a verified bug: PDF files can be used to take over your PC. Adobe's mistake was adding support for ever-sloppy JavaScript inside the once-benign PDF format. Core Security, the company that outed the vulnerability, says, "An attacker could put malicious code in JavaScript embedded in a PDF and [...] could manipulate the program's memory allocation pattern and trigger the vulnerability to execute arbitrary code with the privileges of the user." Great. I can hardly wait to reinstall Paul's PC after he pretends to read another of those ethics-in-journalism PDFs.

Pity the poor Microsoft employees in charge of protecting Windows from third-party apps with security holes. The only code they can fix is Microsoft's. But as John Markoff reports this morning, Microsoft's boldest move to protect Windows Vista users totally backfired:

Hooray — another zero-day patch! The financial sky is falling! The only good news is I'm used to hedge fund managers throwing themselves out the windows. If you're as familiar with zero-day patches as collateralized debt obligations, let me explain the difference to an IT guy. A CDO means I'm fired. A zero-day patch means I'm working. All weekend.A zero-day patch is a security alert that's been issued for some major, Internet-threatening bug, one that's so serious that they give people zero days of warning. It means the bad guys know about it. It's so bad that it needs to be fixed right away, I get that. But do you think IT departments are staffed for one zero-day patch over another? Of course not. Your infrastructure doesn't scale, but who cares? And why pay for all that automation? We have people here. Or in Bangalore, or somewhere. But when an operation takes 10 minutes per machine, multiplied by hundreds of servers and thousands of workstations for millions of customers ... well, I'll get complaints about the overtime charges, but my managers already told me they didn't want to pay to configure the automated solution. See? I can't win, even if Arista replaces every Cisco box on the network. The bright side: This morning, I worried I'd be out of a job by noon. Thanks to Microsoft, I now have another life-or-death upgrade to install. I'll do it this weekend. I may not have a family life, but I have a job.