While conducting Internet research, Russ found himself quickly immersed in a long standing debate over the merits of (or lack thereof) McAfee's Hacker Safe seal. See all the blog entries and each video of Hacker Safe branded sites showing all the benchmarks of XSS vulnerabilities.  The most recent press release on the issue is found at The Register . The original Information Week article that broke this discovery is here, as well as some additional insight from XSSed and WhiteHat Security's Jeremiah Grossman .

Update:
Further press on the issue, including the McAfee site itself being vulnerable , and much chuckling over the rebranding from Hacker Safe to McAfee Secure. There's also a great little piece from John Sawyer on Dark Reading. Finally, Dan Goodin at The Register also took Hacker Safe/McAfee's Brett Oliphant to task regarding the fraud charges he faces.