Web threats continue to dominate the security landscape, according to two new studies released this week.

Web and messaging security provider Websense reported that in the first half of 2008, 60 of the 100 most popular web sites either hosted malicious content or redirected users to malicious sites.

Hackers are targeting these sites, many of which are social networking sites, because of their large user base, good reputation and use of user-generated content, which makes it easier to upload malicious code, said Websense.

"There is an element of trust in the Web 2.0 world that the web sites we frequent every day are safe, but attackers are taking advantage of the 'good reputations' of web sites to launch attacks," said Websense chief technology officer Dan Hubbard in a statement.

In related news, IBM's X-Force threat report has found that hackers are focusing their efforts on vulnerabilities in browser plug-ins. According to the new report, in the first half of this year, 78 per cent of web browser exploits were targeted at this area.

The research also argued that new automation techniques mean hackers can exploit vulnerabilities more quickly than ever before, often before an effective patch has been written.

"The two major themes in the first half of 2008 were acceleration and proliferation," said X-Force operations manager Kris Lamb. "Without a unified process for disclosing vulnerabilities, the research industry runs the risk of actually fueling online criminal activity."