Sucuri finds malicious code being embedded in WordPress sites
The code harvests and exfiltrates payment information from ecommerce websites
The researchers are warning WordPress site admins to inspect all custom code
Cybercriminals are once again targeting WordPress websites with credit card skimmers, stealing victim’s sensitive payment information in the process.
This time around, the company sounding the alarm is Sucuri, whose researcher Puja Srivastava recently published a new analysis into the attack, noting criminals are targeting WordPress ecommerce websites, inserting malicious JavaScript code into a database table associated with the content management system (CMS).
