Late last night, IT security training platform CTF365 was hacked, resulting in the leak of more than 10,000 user credentials.
Meanwhile hacking specialist, Tomasz Miklas, tweeted an image of the full headers of the malicious emails sent by attackers from the CTF365 account. Most of the emails were sent out between 19:00 and 20:00 GMT last night.
As of this afternoon, the CTF365 website remains unavailable, with the company insisting that it is continuing to work on the investigation. It has also stressed that all passwords are hashed and salted.