We recently consulted on an incident where a bad actor compromised a large ecommerce website. They were able to manipulate elements of the checkout page to hijack the users card information. They targeted an onclick action when the user clicked “continue”. While the platform was not storing the data locally, they had local scripts capturing […]