A new attack method, dubbed "universal man-in-the-browser," is capable of stealing information from any site visited by users -- not just ones hardcoded into the malware.
Employees at an international airport were targeted in a multifaceted attack that beat two-factor authentication, and included form-stealing and screen-grabbing functionality.
