September 4, 2024 at 11:53AM Cisco’s online merchandise store is currently offline and undergoing maintenance due to a compromise with malicious JavaScript code that steals sensitive customer details during the checkout process. The attack appears to be a CosmicSting vulnerability, affecting the store’s ability to process transactions and potentially compromising customer data. Cisco has not … Read more
April 1, 2024 at 11:05AM Data of over 1.3 million PandaBuy customers has been leaked due to vulnerability exploitation, reportedly by two threat actors. The leaked information includes user IDs, names, contact details, order information, and more. It has been confirmed that leaked emails are valid and originate from PandaBuy. The company has not publicly … Read more
December 22, 2023 at 09:55AM Europol has identified over 400 hacked websites with malicious scripts stealing debit and credit card details from online shoppers. A coordinated international operation involving 17 countries and private entities has uncovered 23 families of JavaScript sniffers. Online merchants are advised to be vigilant and consult Europol’s guide on digital skimming. … Read more