Simon Willison’s Weblog

The code injected to steal passwords in Tunisia. Here’s the JavaScript that (presumably) the Tunisian government were injecting in to login pages that were served over HTTP.

Posted 24th January 2011 at 6:45 pm

Recent articles

My Lethal Trifecta talk at the Bay Area AI Security Meetup - 9th August 2025
The surprise deprecation of GPT-4o for ChatGPT consumers - 8th August 2025
GPT-5: Key characteristics, pricing and model card - 7th August 2025

javascript 718 security 534 recovered 213 tunisia 3

Monthly briefing

Sponsor me for $10/month and get a curated email digest of the month's most important LLM developments.

Pay me to send you less!

Sponsor & subscribe