There should be a metric for sites hosting malicious content!

https[:]//erasmus-plus.ec.europa.eu/sites/default/files/2026-05/mortal-kombat-2-cs.pdf

Might be worth enclosing that URL in quotes or using [dot] in the URL instead, so people don't accidentally click on that "mortal-kombat-2-cs.pdf" file that Europa.EU is hosting.

VirusTotal claims the PDF file is clean, but I don't think I'd fully trust it anyway. If you do find malicious content, could be worth submitting the URLs to VirusTotal so that the domain is flagged by browsers (eg Google SafeBrowsing) and people can't accidentally visit ec.europa.eu domains until it has been cleaned.

▲

embedding-shape 21 minutes ago | parent | next [-]

> people can't accidentally visit ec.europa.eu domains until it has been cleaned

Just to be safe, couldn't we globally disable BGP and internet transit in general in the meantime? In case someone tries to visit it by other means?

	▲	SyneRyder 2 minutes ago \| parent [-]
		Oh man, I didn't think of that! You're right, disabling BGP is a better approach. Although a narrower approach might just be to MITM SSL connections of the general European public. Then you can check if any of those visits are to ec.europa.eu, and either block it outright, or keep a record of people who visited the website. You've already got their IP from the tracking cookies europa.eu drops before asking cookie permission, and you want to make sure you inform them of compromise. It shouldn't be too hard to lookup the citizen's postal address, it's probably in one of those ec.europa.eu databases that was left in a public AWS bucket. [1] [1] https://www.bleepingcomputer.com/news/security/european-comm...

▲

Foivos an hour ago | parent | prev [-]

The domain is legitimate though.