The use of the lesser known backtick operator and $_POST results in probably one of the smallest PHP one-liner minishells: ~12 characters
A phishing kit found in-the-wild during the development stage and leaks the ‘order notes’ from the buyer.
A skimmer that steals payment data from customers that check out using the SagePay payment method.
A variant of the
validateDataskimmer. This skimmer is saving payment data to a secondary file after the skimmer is injected into the Magento core file OnepageController.php.