When you purchase through links on our site, we may earn an affiliate commission.Heres how it works.
Using this tactic, attackers can redirect unsuspecting victims from legitimate .gov websites to fraudulent pages.
This vulnerability, identified as CVE-2024-25608, impacts platforms like Liferay, widely used by governmental organizations.
Credential phishing remains the most common form of abuse tied to .gov domains, the paper explains.
The majority of government domains used in phishing attacks hosted up to nine different files across various campaigns.
