ZDNet

Microsoft: Credit card skimmers are switching techniques to hide their attacks

Card-skimming malware is increasingly using malicious PHP script on web servers to manipulate payment pages in order to bypass browser defenses triggered by JavaScript code, according to Microsoft.
Bleeping Computer

Hackers hide credit card stealing script in favicon metadata

Hackers are always evolving their tactics to stay one step ahead of security companies. A perfect example of this is the hiding of malicious credit card stealing scripts in the EXIF data of a favicon ...