The website of Morocco's National Commission for the Control of Personal Data Protection (CNDP) was recently hacked, exploiting a security flaw in a vulnerable WordPress plugin. Malicious actors managed to insert inappropriate comments, which now appear in Google search results, without compromising the institution's sensitive data. The attack originated from a vulnerability in an outdated WordPress plugin, which allowed hackers to add content to the CNDP site. Such flaws are common on platforms that are not regularly updated and can be exploited to insert fraudulent links or damage an institution's reputation. Meanwhile, a large-scale DDoS attack is currently underway, targeting several websites, although the CNDP is not directly affected. This type of attack, which overwhelms servers with massive requests, can cause disruptions and redirect traffic. In response, the CNDP has taken several corrective measures, including removing the malicious comments and securing the site. The vulnerable plugins have been updated to prevent further exploitation. However, an incriminating text in Japanese, promoting fake Louis Vuitton bags, remains visible in Google search results. «Our company specializes in selling premium Louis Vuitton replica bags and counterfeit items. We offer models for both men and women, combining quality and exceptional resemblance to the original products», reads the text. The CNDP emphasizes that its website is separate from its internal information system, ensuring that the institution's sensitive data has not been affected. It remains committed to ensuring the security of its digital infrastructure and urges website administrators to strengthen the protection of their platforms against evolving cyber threats.