National Cyber Warfare Foundation (NCWF)

CSP FY: A Magecart Attack That Dodges Policy and Makes a Joke While Doing It
0 user ratings		2025-04-17 18:39:24
milo
Attacks

by Source Defense When attackers are clever enough to name their cookie “csp_f_y,” you know they’re not just exfiltrating data—they’re mocking your defenses. In a recent attack spotted by the Source Defense Cyber Research team, a compromised first-party script on a payment page stored sensitive data in a cookie named csp_f_y. The exfiltration didn’t happen


The post CSP FY: A Magecart Attack That Dodges Policy—and Makes a Joke While Doing It appeared first on Source Defense.


The post CSP FY: A Magecart Attack That Dodges Policy—and Makes a Joke While Doing It appeared first on Security Boulevard.



Scott Fiesel

Source: Security Boulevard
Source Link: https://securityboulevard.com/2025/04/csp-fy-a-magecart-attack-that-dodges-policy-and-makes-a-joke-while-doing-it/?utm_source=rss&utm_medium=rss&utm_campaign=csp-fy-a-magecart-attack-that-dodges-policy-and-makes-a-joke-while-doing-it

Comments
new comment
Nobody has commented yet. Will you be the first?
  
Forum
Attacks


Copyright 2012 through 2025 - National Cyber Warfare Foundation - All rights reserved worldwide.