data theft
XPCTRA financial malware leaves no stone unturned
A Trojan that has previously been only stealing users’ banking credentials has been modified to do much more than that. This new variant, dubbed XPCTRA, can also steal …
Hackers stole contact info of 6 million Instagram users and are selling it online
Last week, Instagram pushed out a patch for a bug in the service’s API that allowed attackers to discover users’ email address and/or phone number. Facebook-owned …
Seagate to pay millions for forking over employee info to scammers
A moment of inattention by one of its employees, and Seagate stands to lose tens of millions of dollars. No, the company was not the victim of a BEC scam – instead, it …
Two Iranians charged with hacking, stealing US missile design software
Two Iranians are accused of hacking of a US software company and the theft of missile design software restricted from export from the US without a license. Mohammed Reza …
Android backdoor GhostCtrl can do many unusual things
There is no shortage of Android malware, but it’s not often that one encounters an Android threat that can do as much as the GhostCtrl backdoor. According to Trend Micro …
How Magecart attackers monetize stolen payment card info
The Magecart campaign, aimed at compromising online shops with malicious JavaScript code to collects payment card info, is still going strong, and researchers have pinpointed …
PoS malware hits food kiosks, steals payment card info
PoS malware can lurk in the most unexpected of places, and some have recently been found in the payment kiosks by US-based vendor Avanti, stealing payment card information. …
US restaurants targeted with fileless malware
Morphisec researchers have spotted another attack campaign using fileless malware that is believed to be mounted by the infamous FIN7 hacking group. The goal of the campaign …
Hackers blackmail patients of cosmetic surgery clinic
Hackers have been trying to blackmail patients of a Lithuanian plastic surgery clinic, by threatening to publish their nude “before and after” photos online. The …
17 million Zomato accounts for sale following breach
Popular restaurant search and discovery service Zomato has suffered a breach, and the attackers made off with 17 million user records. What data was compromised? These records …
HandBrake malware attack led to theft of Panic apps’ source code
Oregon-based software company Panic Inc. has announced that some of the source code for their offerings has been stolen, and they are being blackmailed by the attackers. Panic …
Russian carding industry pioneer sentenced to 27 years in prison
32-year-old Roman Valeryevich Seleznev, aka Track2, has been handed the longest US hacking sentence to date: 27 years in prison. He was convicted in August 2016, of 38 counts …
Featured news
Resources
Don't miss
- Critical SAP NetWeaver flaw exploited by suspected initial access broker (CVE-2025-31324)
- Threat actors are scanning your environment, even if you’re not
- GoSearch: Open-source OSINT tool for uncovering digital footprints
- Rack Ruby vulnerability could reveal secrets to attackers (CVE-2025-27610)
- Top must-visit companies at RSAC 2025