Simon Willison’s Weblog

The code injected to steal passwords in Tunisia. Here’s the JavaScript that (presumably) the Tunisian government were injecting in to login pages that were served over HTTP.

Posted 24th January 2011 at 6:45 pm

Recent articles

OpenAI are quietly adopting skills, now available in ChatGPT and Codex CLI - 12th December 2025
GPT-5.2 - 11th December 2025
Useful patterns for building HTML tools - 10th December 2025

javascript 727 security 569 recovered 213 tunisia 3

Monthly briefing

Sponsor me for $10/month and get a curated email digest of the month's most important LLM developments.

Pay me to send you less!

Sponsor & subscribe