JavaScript Hijacking

Posted on Tuesday 3 April 2007

The “blog-o-sphere” has been abuzz with discussion of a new security vulnerability dubbed “JavaScript Hijacking.” While not strictly a “new” vulnerability (it’s just a variant on CSRF), it is worth mentioning that Mosuki’s home-grown AJAX toolkit is completely immune to this type of vulnerability. JavaScript Hijacking requires that a site use JSON, and Mosuki doesn’t (in fact, I decided not to use JSON when I first heard about it, because it kinda seemed like a security hole). So, never fear, your Mosuki events are still safe from the new generation of script-kiddies and MySpace phishers. Oh, and Mosuki is Y2K safe, too. :)

