An infrastructure contractor in Florida hosted malicious code on its website in what’s known as a watering hole attack. 1,000 end-user computers visited the infected site during the 58-day window beginning Dec. 20, 2020, before it was remediated on Feb. 16, 2021. The malicious code functioned as a browser enumeration and fingerprinting script that harvested various details about the website’s visitors. The collected information was then exfiltrated to a database hosted on a Heroku app that also stored the script.
Source: https://thehackernews.com/2021/05/watering-hole-attack-was-used-to-target.html