https://www.bleepingcomputer.com/news/security/hackers-stole-over-20-million-in-from-misconfigured-ethereum-clients/

A group of hackers has stolen over $20 million worth of Ethereum from Ethereum-based apps and mining rigs, Chinese cyber-security firm Qihoo 360 Netlab reported today.

The cause of these thefts is Ethereum software applications that have been configured to expose an RPC [Remote Procedure Call] interface on port 8545.