Researchers found that hundreds of subdomains from prestigious universities like UC Berkeley and Columbia are serving porn and scam content due to poor DNS management. Attackers exploited decommissioned subdomains with outdated CNAME records to hijack university domains. This highlights significant security negligence in academic IT infrastructure.
Background
DNS CNAME records that remain active after subdomains are decommissioned can be hijacked to redirect legitimate domains to malicious content. Universities often maintain complex web infrastructures with inconsistent cleanup processes.
- Source
- Ars Technica
- Published
- Apr 25, 2026 at 03:00 AM
- Score
- 7.0 / 10