A JavaScript injection in the Magento database table core_config_data loads a skimmer and then exfiltrates the stolen data to the malicious domain cdn-fonts.com.