WebRTC-Based Payment Skimmer Targeting ECommerce Sites Via PolyShell Vulnerability

Executive Summary On 24 March 2026, Sansec Researchers identified a novel payment skimmer leveraging WebRTC data channels rather than conventional web requests to load malicious code and exfiltrate stolen payment data, bypassing traditional security controls. Sansec reported the skimmer targeting ecommerce sites throughout March 2026 by exploiting a PolyShell vulnerability in Magento and Adobe Commerce. Key Takeaways  Novel Exfiltration Technique: This is reportedly the first observed instance of WebRTC being used…

Read More