Researchers Uncover Sophisticated Web-Skimming Campaign Targeting Online Retailers

Cybersecurity researchers from Jscamblers have discovered a sophisticated web-skimming campaign targeting online retailers. This campaign exploits an older version of the Stripe API to steal customers' credit card information. Attackers inject malicious code into e-commerce sites using WooCommerce on WordPress, enabling them to capture credit card data during transactions. The compromised sites redirect the stolen information to servers controlled by the hackers. This attack has been observed on several e-commerce sites, putting sensitive customer data at risk.