no script can be quite workable solution for all - just enable scripts globally in noscript and it'll filter only clickjacking. too easy.
for folks that values their web experience (and security) "full mode" is necessity - you'll see websites in their pure form, no crap attached (floating, popping, bugging ...). enjoy

I use noscript too (like every sensible person BB), and I've come across some hidden iframe click hijacking warnings but they were almost all false alerts and the hidden aspect was part of the functionality, that is to respond on graphs for redrawing and turn the page and such, so the point is that just because something is hidden doesn't mean it's bad, although I guess the coders could use other methods perhaps.

How about not regurgitating the same old tired "nonscript" non-solution that the majority of people will not ever bother with?

something has been done. get on the boat dude, yer info is way outdated.

NoScript has been blocking this for a while now. How about actually reporting and not just vomiting forth a slightly rewritten press release/blog post.