A close friend called and said that their new web site was hacked. I was scheduled to scan their site as a favor before going live but marketing thought it was ready to go...okay. Site started to change in front of the client's eyes. Buttons were changing - links were no longer working, etc. When I started looking at the site i realized that there wasn't enough content by half enough. Then I saw it.
There were references to other sites. The dev "borrowed" code from other web sites he worked on and let them render things like menu's and "common" graphic elements. It appears that one of the other sites got another dev and they started making changes that impacted all the other sites using their code. No wonder the dev said that the new site was"optimized" to reduce their web bandwidth- it was being offloaded to other sites.
I asked if I could share the story since it was not one of my clients and they said they wanted the story to get out so others could be aware.
I have screen shots of the horror that I am adding my small business security talk (which I submitted to for Spiceworks Austin if you want to throw a vote to get it into the wildcard session - shameless plug)
::Edited to add link to Spiceworks Austin Wildcard voting page.::