When I first read this discussion, I just assumed that BrowseAloud was some sort of ad-tech or analytics code. But it's assistive technology for screen readers. The list of web sites that were compromised were web sites that were trying to do the right thing to help disabled users.

Ad-tech is a giant security hole that can't be fixed without burning it all down, but BrowseAloud could be fixed.