menu

jsdelivr.at skimmer

2022-07-20 :: Luke
#jsdelivr.at  #skimmer  #fraud  #magento  #ecommerce  #JavaScript  #website malware  jsdelivr.at skimmer
A JavaScript injection found on a compromised Magento website loads a skimmer from jsdelivr.at and then exfiltrates the stolen data back.
Read more →

cdn-fonts.com skimmer

2022-06-16 :: Luke
#cdn-fonts.com  #skimmer  #fraud  #magento  #ecommerce  #JavaScript  #website malware  cdn-fonts.com skimmer
A JavaScript injection in the Magento database table core_config_data loads a skimmer and then exfiltrates the stolen data to the malicious domain cdn-fonts.com.
Read more →

js.staticounter.net skimmer

2022-06-12 :: Luke
#staticounter.net  #skimmer  #fraud  #magento  #ecommerce  #JavaScript  #website malware  js.staticounter.net skimmer
A JavaScript based skimmer loaded from an injection in the website’s Magento database table cms_block.
Read more →

Renamed wp-config.php => Sensitive Data Exposure

2022-06-08 :: Luke
#wp-config.php  #security misconfiguration  #sensitive data  #WordPress  #PHP  #website malware  Renamed wp-config.php => Sensitive Data Exposure
Attackers continue to find easy victims by crawling websites using enumeration techniques and looking for configuration files that have had their file extension modified.
Read more →

Popular Web Shell Variants Contain a Hidden Backdoor

2022-05-22 :: Luke
#wso yanz  #loggershell443  #web shell  #stealer  #backdoor  #PHP  #website malware  Popular Web Shell Variants Contain a Hidden Backdoor
Variants of popular PHP web shells have been popping up and analysis reveals that they contain a hidden backdoor used to steal the unauthorized access.
Read more →
Disclaimer: The research posted on this website is for information purposes only. Do not use it for illegal purposes.