Government and university websites targeted in ScriptAPI[.]dev client-side attack
cside.dev
Yesterday we discovered another client-side JavaScript attack targeting +500 websites, including governments and universities. The injected scripts create hidden links in the Document Object Model (DOM), pointing to external websites, a programming interface for web documents.