Crypto and NFT projects are on an upward trajectory and cybercriminals’ new crush. Mint with caution! The warning goes across the users of multiple major NFT projects as hackers raid their Discord servers. Meanwhile, Anonymous made yet another claim against Russian entities. That’s not all. Researchers found a nasty RAT combining remote access, spyware, and ransomware into one package. Continue learning for the top ten highlights from the weekend.

Top 10 hacking news

1. Discord servers of major NFT projects, including Bored Ape Yacht Club, Nyoki, and Shamanz, were reported under attack. Hackers intended to trick users into clicking a bogus link to mint a fake NFT by sending ETH.

2. An attack on Mailchimp compromised its internal tools and hackers accessed 319 Mailchimp accounts for companies in the cryptocurrency and finance industries.

3. Anonymous leaked 15GB of data, along with 57,000 emails, allegedly stolen from the Russian Orthodox Church’s charitable wing. The leak is accessible only to journalists and researchers, as of now.

4. Cryptocurrency hardware wallet provider Trezor suffered a phishing attack. According to experts, the attackers’ ultimate intention was to steal funds by misleading investors.

5. Emma Sleep Company disclosed experiencing a Magecart attack via the Adobe Magento e-commerce platform that impacted its customers across 12 countries.

6. Spanish energy provider Iberdrola was hit by a breach wherein hackers pilfered the personal information of nearly 1.3 million customers.

7. A Mirai variant called Beastmode was found exploiting disclosed vulnerabilities in TOTOLINK routers. Operators added five new exploits within a month, with three targeting different models of routers.

8. Cyble discovered a new RAT, dubbed Borat. The malware—with a builder, feature modules, and a server certificate—offers ransomware and DDOS services to expand capabilities.

9. Researchers developed a new attack technique, dubbed Brokenwire, that abuses a flaw in the popularly used DC rapid charging technology (aka CCS) to disrupt charging for electric vehicles.

10. Two Six Technologies, a U.S. national security vendor, acquired River Loop Security, a provider of hardware and wireless protocol security.