universities

Scammers have exploited poor record-keeping at top universities to hijack hundreds of subdomains, serving explicit pornography and malicious scams. Researcher Alex Shakhov identified at least 34 affected institutions, including UC Berkeley, Columbia University, and Washington University in St. Louis. The vulnerabilities arise from unremoved DNS CNAME records for decommissioned subdomains.