Mitigating the Rapid Increase of Magecart-Style Browser Session Attacks via a Universal Website Supply Chain Flaw.
Threat actors like the Magecart groups have successfully compromised multiple third parties within the website supply chain that provide critical website capabilities, functionality, and content. These actors have been exploiting a universal website supply chain flaw that leaves personally identifiable information (PII) and payment data exposed to theft from web sessions at mass-scale - repeatedly victimizing hundreds and even thousands of sites per campaign.
Based on open-sourced reporting, notable victims have included Ticketmaster, Best Buy, Delta Airlines, NewEgg, Sears, Pizza Hut, Kmart, 1-800-Flowers, Equifax, and TransUnion1.
Download this white paper to learn more.