Magecart Used Same Skimmer against Two Web-Based Suppliers

Magecart Used Same Skimmer against Two Web-Based Suppliers
Magecart threat actors used the same skimmer against two web-based suppliers to try to steal users’ payment card information.The first attack occurred at 15:56:42 GMT on 10 May when bad actors injected the skimmer into the bottom of a script used by enterprise content management system CloudCMS. This malicious action targeted version 1.5.23 of the script, which limited the scope of this attack. According to RiskIQ, version 1.5.23 affects just 20 percent of sites using CloudCMS.Even then, RiskIQ observed that only a few hundred websites were using CloudCMS scripts at the time of detection. Those using the affected version of the script were le ..