If you’re one of the millions of folks visiting drudgereport.com, you may be exposed to maliciously manipulated ads that exploit vulnerabilities in Adobe Flash to install malware on your computer.

Dubbed “malvertising,” it works by inserting malicious code into ads distributed by a company called, AdSpirit.de, a network that delivers ads to Drudge, Wunderground, and other popular websites.



According to a post published Thursday by researchers from security firm Malwarebytes. The ads, in turn, exploited security vulnerabilities in widely used browsers and browser plugins that install malware on end-user computers. The criminals behind the campaign previously carried out a similar attack on Yahoo’s ad network, exposing millions more people to the same drive-by attacks. h/t arstechnica

Malvertising is a particularly pernicious form of attack because it can infect unwitting users who are doing nothing more than browsing for news.