VulnHub

Real-time Cybersecurity News

Hackers use pixel-large SVG trick to hide credit card stealer

BleepingComputer
Actively Exploited
Malware

Overview

Researchers have discovered a significant cyberattack affecting nearly 100 online stores that use the Magento e-commerce platform. Hackers are embedding credit card-stealing malware within a tiny, pixel-sized Scalable Vector Graphics (SVG) image. This method allows the malicious code to go unnoticed while capturing sensitive payment information from unsuspecting customers. The attack impacts both businesses and their customers, as compromised stores could lead to financial losses and identity theft. Users shopping on these affected sites should be cautious and monitor their financial statements for any unauthorized transactions.

Key Takeaways

  • Active Exploitation: This vulnerability is being actively exploited by attackers. Immediate action is recommended.
  • Affected Systems: Magento e-commerce platform stores
  • Action Required: Website owners should review their code for any unauthorized SVG images, implement web application firewalls, and ensure that their security patches are up to date.
  • Timeline: Newly disclosed

Original Article Summary

A massive campaign impacting nearly 100 online stores using the Magento e-commerce platform hides credit card-stealing code in a pixel-sized Scalable Vector Graphics (SVG) image. [...]

Impact

Magento e-commerce platform stores

Exploitation Status

This vulnerability is confirmed to be actively exploited by attackers in real-world attacks. Organizations should prioritize patching or implementing workarounds immediately.

Timeline

Newly disclosed

Remediation

Website owners should review their code for any unauthorized SVG images, implement web application firewalls, and ensure that their security patches are up to date.

Additional Information

This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.

Related Topics: This incident relates to Malware.

Read Original Article

Related Coverage

US nationals sentenced for aiding North Korea’s tech worker scheme

CyberScoop

Kejia Wang and Zhenxing Wang, two U.S. nationals, have been sentenced for their roles in a scheme that aided North Korean operatives in securing jobs with over 100 American companies. They created shell companies and operated laptop farms to facilitate this process, which allowed North Korean workers to bypass U.S. employment regulations. The actions of the Wangs not only undermined U.S. labor laws but also raised national security concerns by potentially enabling North Korea to access sensitive technologies and information. This case illustrates the risks of foreign interference in U.S. job markets and highlights the importance of vigilance in monitoring employment practices to protect against such schemes.

Apr 16, 2026

Operation PowerOFF identifies 75k DDoS users, takes down 53 domains

BleepingComputer

On April 13, 2026, law enforcement agencies conducted 'Operation PowerOFF,' which successfully identified 75,000 users involved in distributed denial-of-service (DDoS) attacks across 21 countries. The operation led to the takedown of 53 domains associated with these attacks. By targeting the DDoS ecosystem, authorities aim to disrupt the infrastructure that enables these types of cyberattacks, which can overwhelm websites and online services, causing significant downtime and financial losses. This operation is a crucial step in combating the growing threat of DDoS attacks, which have become increasingly sophisticated and harmful to businesses and individuals alike. The large number of identified users highlights the scale of the issue and underscores the need for ongoing vigilance in cybersecurity efforts.

Apr 16, 2026

ZionSiphon malware designed to sabotage water treatment systems

BleepingComputer

A new malware known as ZionSiphon has emerged, specifically targeting water treatment and desalination facilities. This malware is designed to disrupt operations within these critical infrastructures, posing a significant risk to public health and safety. Researchers are concerned about the potential for environmental damage and the impact on water supply systems that millions rely on. As attacks on essential services become more frequent, this situation emphasizes the need for enhanced cybersecurity measures in operational technology environments. The threat is particularly alarming as it could lead to unsafe drinking water and other serious consequences for affected communities.

Apr 16, 2026

The AI "Vulnpocolypse" Is Real? - PSW #922

SCM feed for Latest

A recent report indicates that a significant number of AI systems are vulnerable to various security threats, leading to what experts are calling a 'Vulnpocolypse.' Researchers have identified multiple weaknesses in popular AI models that could be exploited by attackers, potentially allowing them to manipulate outcomes or extract sensitive data. This situation poses risks not only to companies that rely on AI technologies but also to end-users who may be affected by compromised systems. The findings emphasize the urgent need for developers and organizations to enhance security measures around AI applications to prevent exploitation. As AI continues to evolve and integrate into more aspects of business and daily life, addressing these vulnerabilities is crucial for maintaining trust and safety in AI systems.

Apr 16, 2026

North Korea Uses ClickFix to Target macOS Users' Data

darkreading

North Korean hacking group Sapphire Sleet is targeting macOS users through deceptive tactics. They are using fake job offers and bogus Zoom updates to distribute a malware called ClickFix, which is designed to steal user credentials and sensitive information from Mac computers. This type of attack not only compromises individual users but also poses a larger risk to organizations that rely on macOS systems for their operations. The use of social engineering techniques makes these attacks particularly effective, as users may be more likely to fall for the ruse of legitimate job opportunities or software updates. It's crucial for macOS users to be vigilant about unexpected communications and to verify the authenticity of job offers and software updates before taking any action.

Apr 16, 2026

Cookeville Regional Medical Center hospital data breach impacts 337,917 people

Security Affairs

Cookeville Regional Medical Center in Tennessee suffered a significant ransomware attack that compromised the data of approximately 337,917 individuals. The attack, attributed to the Rhysida hacking group, resulted in the theft of around 500GB of sensitive information from the hospital's systems. This breach raises serious concerns about patient privacy and data security in healthcare settings. The stolen data could include personal health information, which could be exploited for identity theft or other malicious purposes. Affected individuals may need to monitor their accounts closely and remain vigilant against potential phishing attempts or fraud.

Apr 16, 2026