A Magecart card-skimming campaign this month sabotaged the mobile websites of two hotel chains by executing a supply chain attack on a third-party partner, researchers have reported. The third party in both instances was Roomleader, a Barcelona-based provider of digital marketing and web development services. One of the ways Roomleader helps hospitality companies build out their online booking functionality is through a library module called “viewedHotels,” which saves viewed hotel information in visitors’ browser cookies.
Source: SC Magazine