- Today
- Holidays
- Birthdays
- Reminders
- Cities
- Atlanta
- Austin
- Baltimore
- Berwyn
- Beverly Hills
- Birmingham
- Boston
- Brooklyn
- Buffalo
- Charlotte
- Chicago
- Cincinnati
- Cleveland
- Columbus
- Dallas
- Denver
- Detroit
- Fort Worth
- Houston
- Indianapolis
- Knoxville
- Las Vegas
- Los Angeles
- Louisville
- Madison
- Memphis
- Miami
- Milwaukee
- Minneapolis
- Nashville
- New Orleans
- New York
- Omaha
- Orlando
- Philadelphia
- Phoenix
- Pittsburgh
- Portland
- Raleigh
- Richmond
- Rutherford
- Sacramento
- Salt Lake City
- San Antonio
- San Diego
- San Francisco
- San Jose
- Seattle
- Tampa
- Tucson
- Washington
Clinton Today
By the People, for the People
SLED Warns of Hacked 'HereCity' News Websites in South Carolina
Malicious JavaScript injected into sites built on WordPress platform
Mar. 11, 2026 at 8:04pm
Got story updates? Submit your updates here. ›
The South Carolina State Law Enforcement Division (SLED) is warning that numerous local news websites across the state using the 'HereCity' platform have been hacked and are serving malicious JavaScript. The script prompts users to execute a command that downloads and runs a PowerShell payload, compromising their machines.
Why it matters
The HereCity network of local news sites is widely used across South Carolina, often ranking highly in Google search results for community news. The hacking campaign puts many residents at risk of having their devices compromised if they visit the infected sites.
The details
The malicious JavaScript is being served from the domains ewar4pres.com and road-to-hell.top, which should be treated as malicious infrastructure. When a user visits one of the compromised sites, the script displays a fake browser error or CAPTCHA prompt instructing them to copy and paste a command into their Windows Run dialog, which then downloads and executes a PowerShell payload silently in the background.
- The hacking campaign was first detected and reported by SLED on March 11, 2026.
The players
SLED
The South Carolina State Law Enforcement Division, the state's primary law enforcement agency.
HereCity
A private company that builds and operates local news websites for communities across the United States under the naming convention here[cityname].com.
What’s next
SLED is advising organizations to block all known compromised South Carolina-based HereCity sites and associated malicious infrastructure at the DNS and perimeter firewall levels, search logs for connections to the malicious domains, and look for suspicious PowerShell activity that may indicate the payload was executed.
The takeaway
This widespread hacking campaign targeting local news sites in South Carolina highlights the importance of robust cybersecurity measures, user awareness, and the potential risks posed by third-party platforms that many communities rely on for their news and information.
