Magecart skimmer turns Stripe into a malware command server
Submitted 5 weeks ago by cm0002@suppo.fi to cybersecurity@infosec.pub
https://sansec.io/research/stripe-api-skimmer-infrastructure
Submitted 5 weeks ago by cm0002@suppo.fi to cybersecurity@infosec.pub
https://sansec.io/research/stripe-api-skimmer-infrastructure
lurch@sh.itjust.works 4 weeks ago
this is a shop owner account security problem. if someone can place the required malicious google tag on your site, they could also do whatever else they wanted. they could put any custom JS, for example. this stealer is just one of many payloads.