Cybercriminals are abusing platform-as-a-service (PaaS) cloud provider Heroku to build web skimming apps and steal customer data.
Bread crumbs left behind open up a possible connection between Magecart Group 5 and Carbanak.
This blog post details the curious case of a web skimmer encountered in a poker application.
Despite the heat, criminals are hard at work stealing credit card data from unaware shoppers. July marks a notable increase in web skimmer attacks over previous months.
Even e-commerce sites that do not take payment information themselves can be abused by crooks. In this post, we show how a web skimmer is able to inject an artificial iframe into the checkout page to prompt users for their credit card information. Victims will only realize something’s not right when they are redirected to the real (and external) payment form.
Magecart threat actors upload their skimming code onto GitHub in the latest attack against Magento websites.
The latest round of vulnerable WordPress plugins leads to an active traffic monetization campaign via hacked websites.