VERY IMPORTANT

A cybersecurity report details a malware campaign targeting numerous e-commerce websites running the popular Magento platform. Threat actors exploited a vulnerability to inject malicious code that skims payment data from online shoppers during checkout. The skimmer code is loaded from attacker-controlled domains, enabling criminals to harvest credit card numbers, expiration dates, and CVVs in real-time. Over a thousand unique theft attempts were detected, affecting hundreds of compromised stores. Retailers and shoppers should remain vigilant and use reputable security solutions to mitigate such threats.