BleepingComputer reports that nearly 15,000 websites with almost 20,000 files each have been compromised in a widespread Google search engine optimization poisoning campaign redirecting to fraudulent Q&A sites.
WordPress accounted for most of the sites impacted by the SEO poisoning campaign, with the affected sites believed to be used as malware droppers or phishing sites in future attacks, a report from Sucuri revealed.
Cloudflare has been used to host most of the malicious subdomains leveraged by attackers, all of which have similar website-building templates suggesting that a single group of threat actors may be behind the scheme.
Several U.S. defense and government organizations have been targeted by state-backed Chinese hacking group Bronze Silhouette, also known as Volt Typhoon, for military intelligence over a period of at least two years, according to The Record, a news site by cybersecurity firm Recorded Future.
Russian, North Korean, and Iranian advanced persistent threat operations have been launching more attacks aimed at compromising small- and medium-sized businesses, as well as their regional managed service providers, reports SecurityWeek.