14-year-old Discontinued CMS Editor Exploited To Compromise Education And Government Entities Worldwide

14-year-old discontinued CMS editor exploited by threat actors to compromise education and government entities worldwide, poisoning search results with malicious sites or scams. Open redirects occur when websites allow arbitrary redirection requests, potentially leading users to external URLs without proper validation or security checks. Attackers abuse these redirects for phishing, malware distribution, or scams, appearing to originate from legitimate domains. This tactic can bypass URL filters and aid SEO poisoning campaigns by leveraging trusted domains to boost malicious URLs in search results. Since open redirect URLs merely point to malicious content rather than hosting it directly, they can persist in search results until reported for takedown. Despite this, some companies, like Google and Microsoft, may not address open redirects unless they pose a significant security risk. Read more...