Magecart attackers compromised at least 374 e-commerce sites running end-of-life Magento in a day, including planting 19 backdoors on a single website through SQL injection on a vulnerable plugin.
Magecart cybercrime group appears to have broaden their supply chain attacks to target more sites by going after third-party advertising vendors that works with media or entertainment websites.
Sansec researchers found a new Magecart credit card skimmer capable of exfiltrating payment information from stores on multiple eCommerce platforms, including ZenCart, WooCommerce, Shopify and BigCommerce.
