"Hackers Inject Malicious JS in Cisco Store to Steal Credit Cards, Credentials"
Cisco's site for selling company-themed merchandise has temporarily been taken down due to hackers compromising it with JavaScript code that steals sensitive customer details entered at checkout. The researchers who discovered it say that it appears to be a "CosmicSting" attack in which threat actors inject HTML or JavaScript code in CMS blocks rendered in the checkout flow. This article continues to discuss the compromise of Cisco's store site by hackers through the injection of malicious JavaScript code.
Submitted by grigby1
Submitted by Gregory Rigby
on