In their rush to implement Web services, some companies may be exposing themselves to new security risks that they may not fully understand, a security researcher said at the CanSecWest/core06 conference in Vancouver on Thursday. During a conference presentation, researcher Alex Stamos outlined how a number of Web services technologies, including the AJAX (Asynchronous JavaScript and XML) and the XQuery query language could be exploited by hackers to dig up secret information and attack systems. And hackers are catching on. Last month, security vendor Symantec issued its biannual Internet Security Threat report, noting that Web applications represent an increasingly attractive target for attackers. Of all vulnerabilities disclosed in the last six months of 2005, nearly 70 percent were associated with Web applications, Symantec said.