According to a new study of the top one million domains, 46 percent are running vulnerable software, are known phishing sites, or have had a security breach in the past twelve months.

The big problem is that even when a website is managed by a careful company, it will often load content from other sites, said Kowsik Guruswamy, CTO at Menlo Park, Calif.-based Menlo Security, which sponsored the report, which was released this morning.

For example, news sites—50 percent of which were risky—typically run ads from third-party advertising networks.

To read this article in full or to leave a comment, please click here