This image was lost some time after publication.

Google's boast page for tools built on App Engine was struck by script kiddies with a relatively simple JavaScript-based exploit known as cross-site scripting. Yes, not exactly a high-level attack, but another black eye for a project that, like most of Google, will linger in beta for the next few years.