This Week in Hacks: ShinyHunters Hit 7-Eleven, Trump Mobile Exposes Data, and Scammers Target World Cup Fans

Bitwarden removed language from its website pledging 'always free' services and 'inclusion' as core values, following a February price increase and leadership shifts, including its longtime CEO stepping into an advisory role. The new CEO, with a financial rather than cybersecurity background, has overseen these changes, raising concerns about the company’s commitment to accessibility and transparency. Meanwhile, the Trump Mobile website was found exposing customers’ private data publicly, likely already compromised before the issue was reported and fixed. The breach underscores ongoing security failures tied to the platform’s development delays. GitHub suffered another security incident after hackers infiltrated the platform by compromising an employee-owned device. This follows previous breaches, including a massive 38TB data leak by a Microsoft AI employee and a GitHub-related malware threat affecting millions of iPhone users. Scammers are exploiting World Cup excitement with fake booking sites, toll fraud texts, and phishing schemes targeting fans. Experts warn travelers to verify all transactions and avoid suspicious links to prevent financial loss. Microsoft reversed a flaw in Edge where passwords were stored in plaintext after backlash, while Discord improved security by enabling end-to-end encryption for voice and video calls. These updates reflect ongoing efforts to address vulnerabilities amid rising cyber threats.