Singapore-based infosec firm Group-IB has detected a group that spent the last two months of 2023 stealing personal info from websites operated by jobs boards and retailers websites across Asia. The actors, dubbed “ResumeLooters” by Group-IB, used SQL injection and Cross-Site Scripting (XSS) attacks to steal databases from the sites.
Source: The Register