"Hackers Inject Malicious JS in Cisco Store to Steal Credit Cards, Credentials"

Cisco's site for selling company-themed merchandise has temporarily been taken down due to hackers compromising it with JavaScript code that steals sensitive customer details entered at checkout. The researchers who discovered it say that it appears to be a "CosmicSting" attack in which threat actors inject HTML or JavaScript code in CMS blocks rendered in the checkout flow. This article continues to discuss the compromise of Cisco's store site by hackers through the injection of malicious JavaScript code.

BleepingComputer reports "Hackers Inject Malicious JS in Cisco Store to Steal Credit Cards, Credentials"

Submitted by grigby1

Submitted by Gregory Rigby on