Welcome back from the holiday.
This post is reporting that a hacker is selling a zero-day exploit that leverages a cross-site scripting flaw in Yahoo Mail for $700. The hacker claims that the flaw can be exploited to hijack user accounts. Yahoo is allegedly responding to the vulnerability.