Orchestrated magecart attack hits 35 U.S. websites built by the same company
ORCHESTRATED MAGECART ATTACK HITS 35 U.S. WEBSITES BUILT BY THE SAME COMPANY A new Magecart campaign is making waves—and not just for its scale. In
Webinar Replay: Last Minute Change to SAQ-A for QSAs
Download the CoalFire whitepaper below
[Whitepaper] CoalFire Provides Guidance on PCI DSS 6.4.3 and 11.6.1
Guidance from CoalFire on the eSkimming Security requirements found in PCI DSS 4.0.
The most talked about and concerning new requirements in PCI DSS 4.0 fall under sections 6.4.3 and 11.6.1. For the first time, merchants are required to implement security controls to prevent eSkimming attacks. These new requirements require control of all scripts running on merchant eCommerce websites.
In this new whitepaper “A Holistic Approach to Protecting Credit Card Payment Flows,” CoalFire chimes in with background on the problem, guidance on scope, advice on how best to secure credit card data in eCommerce transactions, and a review of the Source Defense approach.
Other things you might be interested in
Double-entry magecart campaign adapts per website and language
DOUBLE-ENTRY MAGECART CAMPAIGN ADAPTS PER WEBSITE AND LANGUAGE Source Defense researchers have uncovered a global Magecart campaign that takes localization and deception to a new
The “perfect” Magecart attack: fake stripe form with zero external footprint
THE “PERFECT” MAGECART ATTACK: FAKE STRIPE FORM WITH ZERO EXTERNAL FOOTPRINT August 26, 2025 The Source Defense Research Team has observed a rare and highly
Magecart attack via 1X1 SVG & websockets
MAGECART ATTACK VIA 1X1 SVG & WEBSOCKETS August 12, 2025 The Source Defense Research Team has uncovered a new Magecart campaign impacting over 50 e-commerce websites,