May I be the first to say that the subheading, this time, takes the cake.
"The weak link in the Yahoo! attack was not programmed by Yahoo! developers, nor was it even hosted on the Yahoo! servers, and yet the company found itself breached as a result of third-party code,"
Legislation in force in certain european countries imply that your arse will be hauled in front of the beak for that and you may be looking at 1 year jailtime and fines of up to 125'000 EUR. Pucker up!