AI-Generated Spam Infiltrates Major Websites, Including Nvidia and US Government Domains

Why Was Nvidia Hosting Blogs About 'Brazilian Facesitting Fart Games'?

Domains owned by Nvidia, Stanford, NPR and the U.S. government are being quietly eaten by AI slop. Web domains owned by Nvidia, Stanford, NPR, and the U.S. government are hosting pages full of AI slop articles that redirect to a spam marketing site. On a site seemingly abandoned by Nvidia for events, called events.nsv.nvidia.com, a spam marketing operation moved in and posted more than 62,000 AI-generated articles, many of them full of incorrect or incomplete information on popularly-searched topics, like salon or restaurant recommendations and video game roundups. Few topics seem to be off-limits for this spam operation. On Nvidia's site, before the company took it down, there were dozens of posts about sex and porn, such as "5 Anal Vore Games," "Brazilian Facesitting Fart Games," and "Simpsons Porn Games." There's a ton of gaming content in general, NSFW or not; Nvidia is leading the industry in chips for gaming. "Brazil, known for its vibrant culture and Carnival celebrations, is a country where music, dance, and playfulness are deeply ingrained," the AI spam post about "facesitting fart games" says. "However, when it comes to facesitting and fart games, these activities are not uniquely Brazilian but rather part of a broader, global spectrum of adult games and humor." Less than two hours after I contacted Nvidia to ask about this site, it went offline. "This site is totally unaffiliated with NVIDIA," a spokesperson for Nvidia told me. On the vaccines.gov domain, topics for spam blogs include "Gay Impregnation," "Gay Firry[sic] Porn," and "Planes in Top Gun." The same AI spam farm operation has also targeted the American Council on Education's site, Stanford, NPR, and a subdomain of vaccines.gov. Each of the sites have slightly different names -- on Stanford's site it's called "AceNet Hub"; on NPR.org "Form Generation Hub" took over a domain that seems to be abandoned by the station's "Generation Listen" project from 2014. On the vaccines.gov site it's "Seymore Insights." All of these sites are in varying states of useability. They all contain spam articles with the byline "Ashley," with the same black and white headshot. NPR acknowledged but did not comment when reached for this story; Stanford, the American Council on Education, and the CDC did not respond. This isn't an exhaustive list of domains with spam blogs living on them, however. Every site has the same Disclaimer, DMCA, Privacy Policy and Terms of Use pages, with the same text. So, searching for a portion of text from one of those sites in quotes reveals many more domains that have been targeted by the same spam operation. Clicking through the links from a search engine redirects to stocks.wowlazy.com, which is itself a nonsense SEO spam page. WowLazy's homepage claims the company provides "ready-to-use templates and practical tips" for writing letters and emails. An email I sent to the addresses listed on the site bounced. Technologist and writer Andy Baio brought this bizarre spam operation to our attention. He said his friend Dan Wineman was searching for "best portland cat cafes" on DuckDuckGo (which pulls its results from Bing) and one of the top results led to a site on the events.nsv.nvidia domain about cat cafes. In the case of the cat cafes, other sites targeted by the WowLazy spam operation show the same results. Searching for "Thumpers Cat Cafe portland" returns a result for a dead link on the University of California, Riverside site with a dead link, but Google's AI Overview already ingested the contents and serves it to searchers as fact that this nonexistent cafe is "a popular destination for cat lovers, offering a relaxed atmosphere where visitors can interact with adoptable cats while enjoying drinks and snacks." It also weirdly pulls a detail about a completely different (real) cat cafe in Buffalo, New York reopening that announced its closing on a local news segment that the station uploaded to YouTube, but adds that it's reopening on June 1, 2025 (which isn't true). A lot of it is also entirely mundane, like the posts about solving simple math problems or recommending eyelash extension salons in Kansas City, Missouri. Some of the businesses listed in the recommendations for articles like the one about lash extension actually exist, while others are close names ("Lashes by Lexi" doesn't exist in Missouri, but there is a "Lexi's Lashes" in St. Louis, for example). All of the posts on "Event Nexis" are gamified for SEO, and probably generated from lists of what people search for online, to get the posts in front of more people, like "Find Indian Threading Services Near Me Today." AI continues to eat the internet, with spam schemes like this one gobbling up old, seemingly unmonitored sites on huge domains for search clicks. And functions like AI Overview, or even just the top results on mainstream search engines, float the slop to the surface.

US government vaccine hub, Nvidia events page abused in cyberattack spewing out AI slop

NPR, Stanford, and some US government sites were also taken over Several Nvidia-owned web domains were hijacked to show explicit and AI-generated content in a spam campaign that also targeted NPR, Stanford, and US Government sites. The Nvidia page, events.nsv.nvidia[,]com has now been taken down, but was seemingly an events site. The page was taken over and more than 62,000 AI-generated articles were posted, primarily containing incorrect or incomplete information about popular search topics like video game round-ups or restaurant recommendations. Elsewhere, a domain belonging to the US Department of Health and Human Services (HHS) advising on vaccines was also targeted, being defaced in a similar fashion. It's not clear who hijacked the site or the purpose behind it, since the AI slop doesn't seem to have a consistent theme or angle. The links in the pages direct to a "nonsense SEO spam page" stocks.wowlazy[.]com. Much of the content appears to have been apparently explicit, but much was also "entirely mundane" - the spam campaign was discovered thanks to a technologist who was searching for 'best Portland cat cafes' on DuckDuckGo and was directed to the events.nsv.nvidia[,]com site and a spam page about cat cafes. This isn't the first time that cybercriminals have hijacked websites in order to post their own content, but usually this contains some type of malware of infostealer to gain profit from the spam campaigns - but as far as we can see, that wasn't the case on this occasion. SEO seems to be a tool that cybercriminals are taking advantage of in order to deliver malware (or not) to a wider audience. To mitigate the risk from this type of attack, users should disable push notifications from sites they don't know/trust, and be very cautious with unfamiliar links. TechRadar Pro did reach out to the CDC, NPR, Stanford, and Nvidia for comment but haven't yet received a response.