A newly discovered web skimming campaign running for the past year has already compromised over 40 e-commerce sites, according to researchers. The JavaScript protection vendor revealed that “Group X,” which exfiltrated card data to a server in Russia, used a novel supply-chain technique to compromise its victims. The cyber-criminals exploited a third-party software named Cockpit, a free web marketing and analytics service that was discontinued in December 2014. Cockpit is a JavaScript librar
