2Wire modem-router users need to read this

[Wiz Feinberg]

Takeaway
Many models of 2Wire branded broadband modem-router combination units are at risk of targeted JavaScript or iframe "xss" (cross-site scripting) code attacks that could result in hackers taking control of your router and poisoning its DNS tables to redirect requests for your bank, PayPal, or other financial institutions to look-alike phishing sites. Furthermore, once your router is owned by cyber-criminals, hostile firmware can be downloaded and installed in the modem-router, allowing added functions for more hostile actions.

Advice
If you are a broadband ISP customer and have been supplied with, or purchased your own 2Wire brand modem-router, you should without fail read my blog article about new vulnerabilities in 2Wire modems. The vulnerabilities, originally carried by spam emails, are now being exploited through hacked web pages, on compromised servers and websites. The same exploits can affect other routers as well, so anybody using a router for their home or office can benefit from my article. Some of the most important protection details are found towards the end of the article.