We clean up a lot of hacked websites, which means we often are dealing with website that flagged as serving malware by Google. In Google’s Search Console you can get whatever details they are providing on the issue they detected and request a review to have their warning removed after the website has been cleaned up. We often find that all they provide with is sample URLs where they have found the issue, but no details of the issue due to them being unable to isolate the malicious code being served. For us that usually isn’t a problem, but for those less experienced providing more information on what they are detecting in more cases would likely to improve cleanups. But now it seems things are going further in the wrong direction, as this week we dealt with a website where Google provided no details whatsoever on Security Issues page of the Search Console:
They also left a message where they did list a URL, so it seems the various pieces of their system are not working well together:
Hopefully Google will improve this, as in this case (and probably in plenty of others), the website only got properly cleaned up after Google started flagging it, so what they are doing is important, but could be better.