WebRTC Skimmer Bypasses CSP to Steal Payment Data from E-Commerce Sites

9 hours ago [email protected] (The Hacker News)
WebRTC Skimmer Bypasses CSP to Steal Payment Data from E-Commerce Sites


Cybersecurity researchers have discovered a new payment skimmer that uses WebRTC data channels as a means to receive payloads and exfiltrate data, effectively bypassing security controls.
“Instead of the usual HTTP requests or image beacons, this malware uses WebRTC data channels to load its payload and exfiltrate stolen payment data,” Sansec said in a report published this week.
The attack,

The post “WebRTC Skimmer Bypasses CSP to Steal Payment Data from E-Commerce Sites” appeared first on The Hacker News

Source:The Hacker News – [email protected] (The Hacker News)

Tags: ,

More Stories

Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website

3 hours ago [email protected] (The Hacker News)

[Webinar] Stop Guessing. Learn to Validate Your Defenses Against Real Attacks

5 hours ago [email protected] (The Hacker News)

LeakBase Admin Arrested in Russia Over Massive Stolen Credential Marketplace

23 hours ago [email protected] (The Hacker News)

GlassWorm Malware Uses Solana Dead Drops to Deliver RAT and Steal Browser, Crypto Data

1 day ago [email protected] (The Hacker News)

The Kill Chain Is Obsolete When Your AI Agent Is the Threat

1 day ago [email protected] (The Hacker News)

Russian Hacker Sentenced to 2 Years for TA551 Botnet-Driven Ransomware Attacks

1 day ago [email protected] (The Hacker News)