Hackers Abuse Trusted Tech to Steal Data in New Cyberattacks

Malware hides in plain sight by exploiting everyday software and user habits

Apr. 16, 2026 at 8:10pm

Got story updates? Submit your updates here. ›

A highly detailed, glowing 3D macro illustration of a computer motherboard with neon cyan and magenta lights illuminating the various components, conceptually representing the complex, interconnected nature of digital infrastructure that can be targeted by sophisticated cyber attacks.Cybercriminals are increasingly exploiting trusted technologies to launch stealthy data breaches, exposing the vulnerability of modern digital infrastructure.Washington Today

Recent cybersecurity research has uncovered two major malware campaigns that demonstrate how attackers are becoming more subtle and deceptive in stealing sensitive data. In one case, hackers hid credit card-stealing malware inside a nearly invisible, one-pixel SVG image embedded in Magento-based online stores. In another, attackers tricked macOS users into launching the built-in Script Editor tool to run hidden malicious code. These tactics show how cybercriminals are shifting away from obvious malware tactics and instead abusing trusted technologies and user habits to remain hidden longer and increase their success.

Why it matters

These new malware campaigns highlight a concerning trend of attackers exploiting everyday software and user behaviors to bypass security measures and steal sensitive data. As cybercriminals become more sophisticated, organizations and individuals must remain vigilant about emerging threats that hide in plain sight.

The details

In the first case, hackers compromised Magento-based online stores by embedding credit card-stealing malware inside a nearly invisible, one-pixel SVG image in the website's code. When customers clicked 'checkout,' they were shown a convincing fake payment page that quietly captured and encrypted their card details before sending them to attacker-controlled servers. In a separate campaign targeting macOS users, attackers used fake Apple-themed web pages to trick victims into launching the built-in Script Editor, a trusted macOS tool, to run hidden malicious code. This approach bypassed newer Apple security warnings and installed Atomic Stealer malware, which can harvest passwords, browser data, cryptocurrency wallets, and financial information.

  • The Magento-based credit card skimming campaign was discovered in late 2025.
  • The macOS Atomic Stealer malware campaign has been active since at least December 2025.

The players

Magento

An open-source e-commerce platform used by many online stores.

Apple

The technology company that develops the macOS operating system.

Atomic Stealer

Malware that can harvest passwords, browser data, cryptocurrency wallets, and financial information from macOS devices.

Got photos? Submit your photos here. ›

What’s next

Security researchers and cybersecurity experts will continue to monitor these evolving malware tactics and provide guidance to organizations and individuals on how to protect against these types of attacks.

The takeaway

As cybercriminals become more sophisticated in their methods, it is crucial for both businesses and individuals to stay vigilant and adopt robust security measures to protect against malware that hides in plain sight by abusing trusted technologies and user habits.