Two recent supply-chain attacks have allowed hackers to collect the payment info and user passwords of more than 4,600 websites.
According to ZDNet, the supply-chain attacks were spotted by Twitter user and Sanguine Security forensic analyst Willem de Groot and were still considered ongoing as of Sunday, May 12.
However, as ZDNet notes, that conclusion doesn’t seem to be supported by any proof. Also, the code found in the Alpaca Forms attack has been spotted on 3,435 sites. And the malicious code found in the Picreel attack was reportedly spotted on 1,249 websites so far.
It is currently unclear who the hackers are. However, it was reported by de Groot via Twitter on Monday, May 13 that the malicious code has finally been removed by Picreel and Cloud CMS.
- NASA hacked: 500 MB of mission data stolen through a Raspberry Pi computer
- TrickBot returns with new attack that compromised 250 million email addresses
- 7-Eleven’s mobile payment app shut down after hackers nab $500K from customers
- Norton vs. McAfee: Which Antivirus software is best for your small business?
- These 5 data breaches have left the biggest mark on Americans