Hackers spied on Forbes readers in November attack

The Forbes.com financial news site was infected by Chinese hackers with spying software that targeted specific visitors, including those at U.S. financial services and defense firms, according to two cybersecurity firms.

Read MoreNewsweek Twitter page hacked by CyberCaliphate

The hackers infected Forbes.com in November with software that automatically attacked visitors by exploiting security flaws in Microsoft's Internet Explorer browser and Adobe Systems' Flash software, cybersecurity firms iSight Partners and Invincea said on Tuesday.

"On December 1, 2014, Forbes discovered that on November 28, 2014, a file had been modified on a system related to the Forbes web site. The file was immediately reverted and an investigation by Forbes into the incident began. Forbes took immediate actions to remediate the incident. The investigation has found no indication of additional or ongoing compromise nor any evidence of data exfiltration. No party has publicly claimed responsibility for this incident," Forbes told CNBC in a statement.

The firms said they only had a limited view into the attacks based on customer data and other intelligence.

They said they only identified a few organizations in the defense and financial services sectors that were targeted and declined to identify them. They also said they did not know if the hackers had succeeding in stealing any data, though they believed other visitors to Forbes.com were affected.

Read MoreUS to establish new cybersecurity agency: Official

Forbes.com is the most popular website known to be compromised as part of an espionage campaign, according to iSight researcher John Hultquist. Previous cyberattacks on popular websites have involved malware used by cyber criminals, not spies, he said.

--CNBC contributed to this report.