A critical alert highlights the discovery of a WooCommerce payment skimmer (CVE-2026-48907) that compromises online stores by stealing card details during legitimate transactions. Cybercriminals have shifted from phishing tactics to directly targeting e-commerce sites, injecting JavaScript skimmers into checkout pages. The skimmer mimics the Stripe payment form, capturing sensitive data such as card numbers and CVVs while remaining undetectable to the user.
It disguises its presence, storing data using common tracking keys and encoding stolen information to evade detection. This stealthy method makes it difficult to identify the theft, with dwell times often lasting months. Merchants are urged to implement security measures against this evolving threat.