Hackers have reported breaches of three security firm websites this week in postings on the HackersBlog site.
In the latest name-and-shame attack, hackers used SQL injection and cross-site scripting methods to access data on a site belonging to Helsinki-based security firm F-Secure.
"Fortunately, F-Secure does not leak sensitive data, just some statistics regarding past virus activity," the posting on HackersBlog said.
As with similar attacks on the websites of security firms Kaspersky and partner BitDefender, F-Secure said the breach was limited, with no impact on customers or partners.
At the weekend, a blog posting revealed a hacker was able to breach Kasperky's US website and databases containing customer details.
Days later, another posting said, "Kaspersky are not the only ones who need to secure their database. Bitdefender has the same problems."
After the initial posting revealing vulnerabilities on Kaspersky's US website at the weekend, HackerBlog said the breach was not malicious.
"Our staff will never save or keep any confidential data, we just point our fingers to big websites with security problems," the posting said.