In Other News: Lame iPod virus, ASUS gets ANI'd
Published: 2007-04-06

Every week, a number of stories do not make it onto the virtual pages of SecurityFocus. So, for our readers who have a bit of time this weekend, here are some stories to keep up on:

A proof-of-concept computer virus that targets iPods made its way to antivirus firm F-Secure this week. The fake e-mail address claimed that Homer Simpson, the bumbling dad of The Simpsons cartoon, sent the virus, and given the almost-comical problems with the code, he seems as likely an author as any. The virus does not target normal iPods, but only those that have been hacked to run Linux. Moreover, F-Secure couldn't even get the software to run on the iPods they had in their lab. As Homer would say: "Doh!"

If you thought the story about the animated-cursor flaw in Microsoft's Windows operating system ended with the patch released on Tuesday, think again. The Web site of motherboard maker ASUS reportedly got hit by a group of online vandals, who added an iframe redirect to a malicious download site that attempts to infect visitors via the ANI flaw. Leveraging hacked, but legitimate, Web sites to propagate malicious code has become a major vector to compromise end users.

SPI Dynamics' Billy Hoffman demoed some interesting ways of using JavaScript for malicious purposes at the ShmooCon conference at the end of March. Perhaps the most interesting was a pretty full-featured vulnerability scanner implemented in JavaScript and utilizing AJAX to allow a malicious Web site to use visitors' browsers to scan and attack other systems. In effect, the software--which is only at the proof-of-concept stage--could create a short-term and transient botnet. And the code has now been leaked.

Wondering which operating system runs most securely out of the box? Apparently, neither Windows nor Mac OS X, according to an analysis that many researchers have cited in the past two weeks.



Posted by: Robert Lemos
Copyright 2009, SecurityFocus