Recent reports indicate a significant security breach affecting hundreds of e-commerce websites as a result of a supply-chain attack. This assault has compromised at least three software providers, allowing malicious code to execute within the browsers of site visitors. Researchers from the security firm Sansec found that the malware had remained dormant for six years before becoming active, impacting potentially over 500 sites. A notable multinational company is among those affected, and the attack enables full remote code execution, enabling attackers to run data-stealing software on customer machines.
The widespread supply chain attack targeted at least 500 e-commerce sites, compromising sensitive customer data by executing malicious code via visited browsers.
Attackers utilized a dormant backdoor that became active recently, allowing full remote code execution and the ability to inject skimming software for payment theft.
Collection
[
|
...
]