Skip to main content

Hackers inject malicious JS in Cisco store to steal credit cards, credentials

  • 4 September 2024
  • 0 replies
  • 2 views

Jasper_The_Rasper
Moderator
Forum|alt.badge.img+54

September 4, 2024 By Ionut Ilascu

 

Hackers inject malicious JS in Cisco store to steal credit cards, credentials

Cisco’s site for selling company-themed merchandise is currently offline and under maintenance due to hackers compromising it with JavaScript code that steals sensitive customer details provided at checkout.

Cisco’s site for selling company-themed merchandise is currently offline and under maintenance due to a compromise with JavaScript code that steals sensitive details provided at checkout.

It is unclear how the malicious JavaScript landed on Cisco’s store but BleepingComputer has been told by researchers who wish to remain anonymous that it appears to be a CosmicSting attack (CVE-2024-34102).

The Cisco Merchandise Store is a gift shop that provides Cisco-branded apparel and accessories (mugs, bottles, caps, powerbanks, bags, stickers, toys). At the time of writing, Cisco stores for U.S., Europe, and Asia Pacific, Japan and China (APJC) are unavailable.

 

>>Full Article<<

0 replies

Be the first to reply!

Reply