Attackers have taken over at least one expired domain that used to host a popular JavaScript library and used it to deliver web skimming scripts to a number of e-commerce sites.
Read More“The victim websites had years to remove the dead link that was leveraged by attackers but didn’t – likely due to a lack of visibility about third-party scripts running on their websites and poor security hygiene,” Jscrambler researchers noted.