#SVGSkimmer

SVG Onload Tag Hides Magecart Skimmer on 99 Stores Sansec discovered a large-scale Magecart campaign using invisible SVG elements to inject a fake checkout overlay on 99 Magento stores, exfiltrating payment d...

Nearly 100 Magento stores infected in a single night via a "double-tap" SVG skimmer. Sansec identified 6 exfiltration domains, 5 previously unknown. Likely entry point: the unpatched PolyShell vulnerability. ⚠️
sansec.io/research/svg-onload-magecart-skimmer
#Magento #CyberSecurity #SVGSkimmer