WHEN A PNG ISN’T A PNG; NEW MAGECART SKIMMER DISCOVERED August 5, 2025 The Source Defense Research Team has uncovered a new Magecart campaign. Instead of using a traditional script, the attackers deliver malicious code disguised as a PNG image file. While appearing harmless, the file actually contains base64‑encoded JavaScript that silently harvests payment card The post When a PNG Isn’t a PNG: New Magecart Skimmer Discovered appeared first on Source Defense.
